Java.Management.Extensions.Insecure.Remote.Access
Description
This indicates detection of an Insecure Remote Access to a Java Management Extensions (JMX) interface.
A JMX interface without security setting is unsafe for the public Java Application Platform. Any remote user who knows (or recon) your JMX port number and host name will be able to monitor and control your Java application and platform. While it may be acceptable for development, it is not recommended for production systems.
Affected Products
Any JMX without security setting
Impact
Denial of Service: Remote attackers can crash vulnerable systems
Recommended Actions
Config the Java platform with Authentication.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |