In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache jmeter 2.10 |
||
apache jmeter 2.11 |
||
apache jmeter 2.12 |
||
apache jmeter 2.13 |
||
apache jmeter 2.3.3 |
||
apache jmeter 2.3.4 |
||
apache jmeter 2.5.1 |
||
apache jmeter 2.5 |
||
apache jmeter 2.6 |
||
apache jmeter 2.7 |
||
apache jmeter 2.8 |
||
apache jmeter 2.9 |
||
apache jmeter 3.0 |
||
apache jmeter 3.2 |
||
apache jmeter 3.3 |
||
apache jmeter 3.1 |
||
apache jmeter 2.1 |
||
apache jmeter 2.2 |
||
apache jmeter 2.3 |
||
apache jmeter 2.4 |
||
apache jmeter 2.3.1 |
||
apache jmeter 2.3.2 |