Lucene search
K

64 matches found

CNVD
CNVD
added 2018/02/24 12:0 a.m.36 views

Apache JMeter Remote Command Execution Vulnerability

Apache Jmeter is an open source Java application designed to test functional behavior and measure performance for load ... Apache JMeter suffers from a remote command execution vulnerability in distributed mode using an insecure RMI connection, which can be exploited by an attacker to execute...

9.8CVSS7.8AI score0.10096EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/02/24 12:0 a.m.32 views

Apache JMeter Detection

Binary data apachejmeterdetectwin.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/02/24 12:0 a.m.163 views

Apache JMeter < 4.0 Insecure RMI Registry Binding

One or more versions of Apache JMeter discovered on the remote host is affected by a remote code execution vulnerability as a result of insecure RMI registry binding. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

9.8CVSS9.1AI score0.03416EPSS
Exploits0References2
seebug.org
seebug.org
added 2018/02/23 12:0 a.m.90 views

Apache JMeter uses an unsecure RMI connection in Distributed mode

Severity: Important Vendor: The Apache Software Foundation Versions Affected: JMeter 2.X, 3.X Description 0: When using Distributed Test only RMI based, jmeter uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code. This only affect...

6.7AI score
Exploits0
Veracode
Veracode
added 2018/02/15 3:23 a.m.19 views

Remote Code Execution (RCE)

Apache JMeter is vulnerable to remote code execution RCE attacks. The library binds the RMI connection to a wildcard hostname, allowing a malicious user to inject and execute arbitrary commands through it by connecting to it...

9.8CVSS9.9AI score0.03416EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2018/02/14 2:29 p.m.3 views

DEBIAN-CVE-2018-1287

In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS6.9AI score0.03416EPSS
Exploits0References1
OSV
OSV
added 2018/02/14 2:29 p.m.15 views

CVE-2018-1287

In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS9.5AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/02/14 2:29 p.m.15 views

CVE-2018-1287

In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS7.2AI score0.03416EPSS
Exploits0References3
Prion
Prion
added 2018/02/14 2:29 p.m.18 views

Design/Logic Flaw

In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

7.5CVSS9.2AI score0.03416EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/02/14 2:29 p.m.27 views

CVE-2018-1287

In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS9.4AI score0.03416EPSS
Exploits0References3
OSV
OSV
added 2018/02/14 2:29 p.m.4 views

UBUNTU-CVE-2018-1287

In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS7.3AI score0.03416EPSS
Exploits0References4
CVE
CVE
added 2018/02/14 2:0 p.m.94 views

CVE-2018-1287

CVE-2018-1287 affects Apache JMeter 2.X and 3.X in Distributed Test (RMI-based) mode, where the jmeter server binds the RMI Registry to a wildcard host. This can allow an attacker to gain access to the JMeterEngine and send unauthorized code. The available connected documents confirm the vulnerab...

9.8CVSS9.2AI score0.03416EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/02/14 2:0 p.m.26 views

CVE-2018-1287

In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.4AI score0.03416EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2018/02/14 2:0 p.m.46 views

CVE-2018-1287

In Apache JMeter 2.X and 3.X, when using Distributed Test only RMI based, jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS9.4AI score0.03416EPSS
Exploits0
Veracode
Veracode
added 2018/02/13 12:52 p.m.19 views

Remote Code Execution (RCE)

Apache JMeter is vulnerable to remote code execution RCE attacks. The application uses an insecure RMI connection when conducting distributed tests, allowing a malicious user to inject and execute arbitrary code through serialized objects...

9.8CVSS9.8AI score0.10096EPSS
Exploits0References7Affected Software2
UbuntuCve
UbuntuCve
added 2018/02/13 12:29 p.m.28 views

CVE-2018-1297

When using Distributed Test only RMI based, Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS7.2AI score0.10096EPSS
Exploits0References3
Prion
Prion
added 2018/02/13 12:29 p.m.17 views

Code injection

When using Distributed Test only RMI based, Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

7.5CVSS9.2AI score0.10096EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/02/13 12:29 p.m.36 views

UBUNTU-CVE-2018-1297

When using Distributed Test only RMI based, Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS7.3AI score0.10096EPSS
Exploits0References4
OSV
OSV
added 2018/02/13 12:29 p.m.4 views

DEBIAN-CVE-2018-1297

When using Distributed Test only RMI based, Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS6.9AI score0.10096EPSS
Exploits0References1
OSV
OSV
added 2018/02/13 12:29 p.m.24 views

CVE-2018-1297

When using Distributed Test only RMI based, Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code...

9.8CVSS9.5AI score
Exploits0References3
Rows per page
Query Builder