Cleartext Storage of Sensitive Information
CVE-2022-45787
Summary
Unproper laxist permissions on the temporary files used by MIME4J 'TempFileStorageProvider' may lead to information disclosure to other local users. This issue affects Apache James MIME4J versions prior to 0.8.9.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-312 - Cleartext Storage of Sensitive Information
The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
References
Advisory Timeline
- Published