Skip to main content

Cleartext Storage of Sensitive Information

CVE-2022-45787

Severity Medium
Score 5.5/10

Summary

Unproper laxist permissions on the temporary files used by MIME4J 'TempFileStorageProvider' may lead to information disclosure to other local users. This issue affects Apache James MIME4J versions prior to 0.8.9.

  • LOW
  • LOCAL
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • HIGH
  • NONE

CWE-312 - Cleartext Storage of Sensitive Information

The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

Advisory Timeline

  • Published