CVE-2018-1297: Apache JMeter uses an unsecure RMI connection in Distributed mode

Published: 11/02/2018
CVE-2018-1297: Apache JMeter uses an unsecure RMI connection in Distributed mode
Source: SECLISTS.ORG

Posted by Philippe Mouawad on Feb 11 Severity: Important Vendor: The Apache Software Foundation Versions Affected: JMeter 2.X, 3.X Description [0]: When using Distributed Test only (RMI based), jmeter uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code. This only affect tests running in Distributed mode. Mitigation: * Users must u

Read more
Related news
Comment
Latest in blog
FACEBOOK