CVE-2022-45935— Apache James server: Temporary File Information Disclosure

EPSS 0.12% · P31 Updated Apr 10, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-45935

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Apache James server: Temporary File Information Disclosure

Source: NVD (National Vulnerability Database)

Vulnerability Description

Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

将资源暴露给错误范围

Source: NVD (National Vulnerability Database)

Vulnerability Title

Apache James 信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Apache James是美国阿帕奇（Apache）基金会的一个完全用 Java 编写的开源 Smtp 和 Pop3 邮件传输代理和 Nntp 新闻服务器。 Apache James server存在信息泄露漏洞，该漏洞源于其使用具有不安全权限的临时文件允许具有本地访问权限的攻击者访问传输中的私有用户数据。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Apache Software Foundation	Apache James server	0 ~ 3.7.2	-

II. Public POCs for CVE-2022-45935

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-45935

请登录查看更多情报信息。

IV. Related Vulnerabilities

Same product: Apache James server

Same vendor: Apache Software Foundation

Same weakness: CWE-668

V. Comments for CVE-2022-45935

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-45935— Apache James server: Temporary File Information Disclosure

I. Basic Information for CVE-2022-45935

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-45935

III. Intelligence Information for CVE-2022-45935

IV. Related Vulnerabilities

V. Comments for CVE-2022-45935

Leave a comment