Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-J7J7-G4WW-PXG5
HistoryMay 13, 2022 - 1:49 a.m.

Missing certificate validation in Apache JMeter

2022-05-1301:49:40
Google
osv.dev
5

0.002 Low

EPSS

Percentile

56.2%

JSON

In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code. This only affect those running in Distributed mode.

In distributed mode, JMeter makes an architectural assumption that it is operating on a ‘safe’ network. i.e. everyone with access to the network is considered trusted.

Related

cve 1
veracode 1
nvd 1
prion 1
debiancve 1
osv 1
nessus 1
github 1
ubuntucve 1
cvelist 1
f5 1
cve
cve
CVE-2018-1287
2018-02-14 14:29:00
veracode
veracode
Remote Code Execution (RCE)
2018-02-15 03:23:30
nvd
nvd
CVE-2018-1287
2018-02-14 14:29:00
prion
prion
Design/Logic Flaw
2018-02-14 14:29:00
debiancve
debiancve
CVE-2018-1287
2018-02-14 14:29:00
osv
osv
CVE-2018-1287
2018-02-14 14:29:00
nessus
nessus
Apache JMeter < 4.0 Insecure RMI Registry Binding
2018-02-24 00:00:00
github
github
Missing certificate validation in Apache JMeter
2022-05-13 01:49:40
ubuntucve
ubuntucve
CVE-2018-1287
2018-02-14 00:00:00
cvelist
cvelist
CVE-2018-1287
2018-02-11 00:00:00
f5
f5
K89010078 : Apache vulnerabilities CVE-2018-1307, CVE-2018-1298, CVE-2018-1299, CVE-2018-1287, and CVE-2018-1297
2018-07-26 00:00:00

0.002 Low

EPSS

Percentile

56.2%

JSON
Related for OSV:GHSA-J7J7-G4WW-PXG5
cve1veracode1nvd1prion1debiancve1osv1nessus1github1ubuntucve1cvelist1f51