Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jmeter vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25573
metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in `/api/jmeter/download/files`, which allows any user to download any file without authentication. This issue may expose all files available to the run...
Metersphere Metersphere
1 Github repository
668
VMScore
CVE-2019-0187
Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests run...
Apache Jmeter 5.0
Apache Jmeter 4.0
668
VMScore
CVE-2018-1287
In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Apache Jmeter 2.10
Apache Jmeter 2.11
Apache Jmeter 2.12
Apache Jmeter 2.13
Apache Jmeter 2.3.3
Apache Jmeter 2.3.4
Apache Jmeter 2.5.1
Apache Jmeter 2.5
Apache Jmeter 2.6
Apache Jmeter 2.7
Apache Jmeter 2.8
Apache Jmeter 2.9
Apache Jmeter 3.0
Apache Jmeter 3.2
Apache Jmeter 3.3
Apache Jmeter 3.1
Apache Jmeter 2.1
Apache Jmeter 2.2
Apache Jmeter 2.3
Apache Jmeter 2.4
Apache Jmeter 2.3.1
Apache Jmeter 2.3.2
668
VMScore
CVE-2018-1297
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Apache Jmeter 2.10
Apache Jmeter 2.11
Apache Jmeter 2.12
Apache Jmeter 2.13
Apache Jmeter 2.3.3
Apache Jmeter 2.3.4
Apache Jmeter 2.5.1
Apache Jmeter 2.5
Apache Jmeter 2.6
Apache Jmeter 2.7
Apache Jmeter 2.8
Apache Jmeter 2.9
Apache Jmeter 3.0
Apache Jmeter 3.2
Apache Jmeter 3.3
Apache Jmeter 3.1
Apache Jmeter 2.1
Apache Jmeter 2.2
Apache Jmeter 2.3
Apache Jmeter 2.4
Apache Jmeter 2.3.1
Apache Jmeter 2.3.2
3 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started