Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jmeter vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25573
metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in `/api/jmeter/download/files`, which allows any user to download any file without authentication. This issue may expose all files available to the run...
Metersphere Metersphere
1 Github repository
7.5
CVSSv2
CVE-2019-0187
Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests run...
Apache Jmeter 5.0
Apache Jmeter 4.0
7.5
CVSSv2
CVE-2018-1287
In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Apache Jmeter 2.10
Apache Jmeter 2.11
Apache Jmeter 2.12
Apache Jmeter 2.13
Apache Jmeter 2.3.3
Apache Jmeter 2.3.4
Apache Jmeter 2.5.1
Apache Jmeter 2.5
Apache Jmeter 2.6
Apache Jmeter 2.7
Apache Jmeter 2.8
Apache Jmeter 2.9
Apache Jmeter 3.0
Apache Jmeter 3.2
Apache Jmeter 3.3
Apache Jmeter 3.1
Apache Jmeter 2.1
Apache Jmeter 2.2
Apache Jmeter 2.3
Apache Jmeter 2.4
Apache Jmeter 2.3.1
Apache Jmeter 2.3.2
7.5
CVSSv2
CVE-2018-1297
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Apache Jmeter 2.10
Apache Jmeter 2.11
Apache Jmeter 2.12
Apache Jmeter 2.13
Apache Jmeter 2.3.3
Apache Jmeter 2.3.4
Apache Jmeter 2.5.1
Apache Jmeter 2.5
Apache Jmeter 2.6
Apache Jmeter 2.7
Apache Jmeter 2.8
Apache Jmeter 2.9
Apache Jmeter 3.0
Apache Jmeter 3.2
Apache Jmeter 3.3
Apache Jmeter 3.1
Apache Jmeter 2.1
Apache Jmeter 2.2
Apache Jmeter 2.3
Apache Jmeter 2.4
Apache Jmeter 2.3.1
Apache Jmeter 2.3.2
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started