Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-1297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using Distributed Test only RMI based, Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngi...

9.8CVSS7.3AI score0.10096EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/13 1:49 a.m.3 views

com.github.kulya:jmeter-gradle-plugin (>=1.3.1-2.6 <=1.3.4-2.9), com.lazerycode.jmeter:jmeter-maven-plugin (>=1.4 <=1.8.1) +4 more potentially affected by CVE-2018-1297 via org.apache.jmeter:ApacheJMeter (>=2.6 <=3.3)

org.apache.jmeter:ApacheJMeter MAVEN version =2.6, =1.3.1-2.6, =1.4, =1.0.7-3.0-BETA, =1.0.7-3.0-BETA, =6.3.0, =6.2.0, =6.6.0 Source cves: CVE-2018-1297 Source advisory: OSV:GHSA-7V85-6HV2-RWGW...

9.8CVSS7.7AI score0.10096EPSS
Exploits0
pentestit
pentestit
added 2018/04/06 6:5 a.m.408 views

Apache JMeter RMI Code Execution PoC (CVE-2018-1297)

PenTestIT RSS Feed Recently, I read about a remote code execution RCE vulnerability; CVE-2018-1297, that affects yet another Apache product - JMeter. As you might know, "The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior...

7.5CVSS9.7AI score0.10096EPSS
Exploits0
CVE
CVE
added 2018/02/13 12:0 p.m.98 views

CVE-2018-1297

CVE-2018-1297 affects Apache JMeter (versions 2.x and 3.x) in distributed testing mode using an unsecured RMI connection, allowing remote access to JMeterEngine and potential code execution. Exploitation details are shown in public PoCs (e.g., RMIRegistryExploit with CommonsCollections1) and repo...

9.8CVSS9.2AI score0.10096EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder