Path Traversal Vulnerability in Apache Camel's Mail Product
CVE-2018-8041

5.3MEDIUM

Key Information:

Vendor
Apache
Status
Apache Camel
Vendor
CVE Published:
17 September 2018

Summary

A path traversal vulnerability exists in versions of Apache Camel's Mail component from 2.20.0 to 2.22.0. This vulnerability allows an attacker to gain unauthorized access to file system paths, potentially exposing sensitive information or compromising the integrity of the system. Proper validation and sanitization of user input are critical to mitigate this risk. Users are encouraged to upgrade to patched versions to safeguard against potential exploits.

Affected Version(s)

Apache Camel Camel 2.20.0 to 2.20.3, Camel 2.21.0 to 2.21.1 and Camel 2.22.0

References

http://camel.apache.org/security-advisories.data/CVE-2018...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/105352
vdb-entryx_refsource_BID
https://issues.apache.org/jira/browse/CAMEL-12630
x_refsource_CONFIRM

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.