CVE-2018-1297

Priority
Description
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x
uses an unsecured RMI connection. This could allow an attacker to get
Access to JMeterEngine and send unauthorized code.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish):ignored (reached end-of-life)
Ubuntu 19.04 (Disco Dingo):needs-triage
Ubuntu 19.10 (Eoan):needs-triage
More Information

Updated: 2019-07-18 17:30:56 UTC (commit 649f8c6455205380e35ed054e9ea734222c716bb)