CVE-2018-1297
- Source
- https://cve.org/CVERecord?id=CVE-2018-1297
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1297.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-1297
- Aliases
- Downstream
- Published
- 2018-02-13T12:29:00.207Z
- Modified
- 2026-04-10T04:05:08.068135Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.
- References
-
- https://lists.apache.org/thread.html/31e0adbeca9d865ff74d0906b2248a41a1457cb54c1afbe5947df58b%40%3Cissues.jmeter.apache.org%3E
- http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAH9fUpaNzk5am8oFe07RQ-kynCsQv54yB-uYs9bEnz7tbX-O7g%40mail.gmail.com%3E
- https://bz.apache.org/bugzilla/show_bug.cgi?id=62039
Affected packages
Git / github.com/apache/jmeter
Affected ranges
- Type
- GIT
- Repo
- https://github.com/apache/jmeter
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "2.2" }, { "introduced": "0" }, { "last_affected": "2.3" }, { "introduced": "0" }, { "last_affected": "2.3.1" }, { "introduced": "0" }, { "last_affected": "2.3.2" }, { "introduced": "0" }, { "last_affected": "2.3.3" }, { "introduced": "0" }, { "last_affected": "2.3.4" }, { "introduced": "0" }, { "last_affected": "2.4" }, { "introduced": "0" }, { "last_affected": "2.5" }, { "introduced": "0" }, { "last_affected": "2.5.1" }, { "introduced": "0" }, { "last_affected": "2.6" }, { "introduced": "0" }, { "last_affected": "2.7" }, { "introduced": "0" }, { "last_affected": "2.7-rc3" }, { "introduced": "0" }, { "last_affected": "2.8" }, { "introduced": "0" }, { "last_affected": "2.8-rc1" }, { "introduced": "0" }, { "last_affected": "2.9" }, { "introduced": "0" }, { "last_affected": "2.9-rc3" }, { "introduced": "0" }, { "last_affected": "2.10-rc1" }, { "introduced": "0" }, { "last_affected": "2.10-rc2" }, { "introduced": "0" }, { "last_affected": "2.11" }, { "introduced": "0" }, { "last_affected": "2.11-rc2" }, { "introduced": "0" }, { "last_affected": "2.12" }, { "introduced": "0" }, { "last_affected": "2.12-rc1" }, { "introduced": "0" }, { "last_affected": "2.12-rc2" }, { "introduced": "0" }, { "last_affected": "2.13" }, { "introduced": "0" }, { "last_affected": "2.13-rc1" }, { "introduced": "0" }, { "last_affected": "2.13-rc2" }, { "introduced": "0" }, { "last_affected": "3.0" }, { "introduced": "0" }, { "last_affected": "3.1" }, { "introduced": "0" }, { "last_affected": "3.2" }, { "introduced": "0" }, { "last_affected": "3.3" } ] }
Affected versions
Other
v2_10_RC1
v2_10_RC2
v2_11
v2_11_RC2
v2_12
v2_12_RC1
v2_12_RC2
v2_13
v2_13_RC1
v2_13_RC2
v2_2
v2_3
v2_3_1
v2_3_2
v2_3_3
v2_3_4
v2_4
v2_5
v2_5_1
v2_6
v2_7
v2_7_RC3
v2_8
v2_8_RC1
v2_9
v2_9_RC3
v3_0
v3_1
v3_2
v3_3
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1297.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.3.3-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.3.3-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.3.4-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.3.4-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.3.4-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.5-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.5-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.5-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.5.1-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.5.1-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.5.1-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.6-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.6-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.7-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.7-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.8-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.9-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.9-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.11-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-rc4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.0-rc5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.1-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.1-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.1-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.1-rc4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.2-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.2-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.2-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.3-rc1"
}
]
}
]