UBUNTU-CVE-2018-1297
- Source
- https://ubuntu.com/security/CVE-2018-1297
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1297.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2018-1297
- Related
- Published
- 2018-02-13T12:29:00Z
- Modified
- 2024-10-15T14:06:29Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / jakarta-jmeter
Package
- Name
- jakarta-jmeter
- Purl
- pkg:deb/ubuntu/jakarta-jmeter?arch=src?distro=esm-apps/xenial
Ubuntu:Pro:18.04:LTS / jakarta-jmeter
Package
- Name
- jakarta-jmeter
- Purl
- pkg:deb/ubuntu/jakarta-jmeter?arch=src?distro=esm-apps/bionic
Ubuntu:20.04:LTS / jakarta-jmeter
Package
- Name
- jakarta-jmeter
- Purl
- pkg:deb/ubuntu/jakarta-jmeter?arch=src?distro=focal
Ubuntu:22.04:LTS / jakarta-jmeter
Package
- Name
- jakarta-jmeter
- Purl
- pkg:deb/ubuntu/jakarta-jmeter?arch=src?distro=jammy
Ubuntu:24.10 / jakarta-jmeter
Package
- Name
- jakarta-jmeter
- Purl
- pkg:deb/ubuntu/jakarta-jmeter?arch=src?distro=oracular