Опубликовано: 13 фев. 2018
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 7.5
CVSS3: 9.8
Описание
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage |
Показывать по
10
EPSS
Процентиль: 96%
0.23187
Средний
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
почти 8 лет назад
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.
CVSS3: 9.8
debian
почти 8 лет назад
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3. ...
CVSS3: 9.8
github
больше 3 лет назад
Missing certificate validation in Apache JMeter
EPSS
Процентиль: 96%
0.23187
Средний
7.5 High
CVSS2
9.8 Critical
CVSS3