What is CVE-2022-45787?

CVE-2022-45787 is a medium-severity vulnerability in Apache James, classified under Cleartext Storage of Sensitive Information. CVSS score: 5.5/10. Published 2023-01-06.

How severe is CVE-2022-45787?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Vulnerability in Apache James

CVE-2022-45787

Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users…

EPSS: 0.003 (18.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Apache James
Apache Software Foundation James Mime4j — versions 0

Weakness classification (CWE)

CWE-312 — Cleartext Storage of Sensitive Information

References

security@apache.org (vendor-advisory, Mailing List, Vendor Advisory)

Frequently asked questions

What is CVE-2022-45787?: CVE-2022-45787 is a medium-severity vulnerability in Apache James, classified under Cleartext Storage of Sensitive Information. CVSS score: 5.5/10. Published 2023-01-06.
How severe is CVE-2022-45787?: Medium severity. CVSS v3 base score is 5.5 out of 10.