Lucene search
K

7 matches found

vulnersOsv
vulnersOsv
added 2019/03/07 6:47 p.m.4 views

com.github.kulya:jmeter-gradle-plugin (>=1.3.1-2.6 <=1.3.4-2.9), com.lazerycode.jmeter:jmeter-maven-plugin (>=1.4 <=1.8.1) +6 more potentially affected by CVE-2019-0187 via org.apache.jmeter:ApacheJMeter (>=2.6 <=5.0)

org.apache.jmeter:ApacheJMeter MAVEN version =2.6, =1.3.1-2.6, =1.4, =1.0.7-3.0-BETA, =1.0.7-3.0-BETA, =6.3.0, =6.2.0, =6.6.0 Source cves: CVE-2019-0187 Source advisory: OSV:GHSA-WG37-7MRV-CFWM...

9.8CVSS7.7AI score0.02709EPSS
Exploits0
NVD
NVD
added 2019/03/06 5:29 p.m.25 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

9.8CVSS9.5AI score0.02709EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/03/06 5:29 p.m.22 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

9.8CVSS7.2AI score0.02709EPSS
Exploits0References3
OSV
OSV
added 2019/03/06 5:29 p.m.16 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

9.8CVSS9.4AI score
Exploits0References2
Cvelist
Cvelist
added 2019/03/06 5:0 p.m.30 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

9.5AI score0.02709EPSS
Exploits0References2
CVE
CVE
added 2019/03/06 5:0 p.m.103 views

CVE-2019-0187

Apache JMeter in distributed mode (-r/-R) is affected by CVE-2019-0187, enabling unauthenticated remote code execution via a RemoteJMeterEngine over RMI using untrusted data deserialization. The issue is limited to tests running in Distributed mode; pre-4.0 versions do not encrypt traffic between...

9.8CVSS9.3AI score0.02709EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2019/03/06 5:0 p.m.19 views

CVE-2019-0187

Unauthenticated RCE is possible when JMeter is used in distributed mode -r or -R command line options. Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed...

9.8CVSS9.5AI score0.02709EPSS
Exploits0
Rows per page
Query Builder