virus logo Intrusion Prevention

Java.Management.Extensions.Insecure.Remote.Access

description-logoDescription

This indicates detection of an Insecure Remote Access to a Java Management Extensions (JMX) interface.
A JMX interface without security setting is unsafe for the public Java Application Platform. Any remote user who knows (or recon) your JMX port number and host name will be able to monitor and control your Java application and platform. While it may be acceptable for development, it is not recommended for production systems.

affected-products-logoAffected Products

Any JMX without security setting

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems

recomended-action-logoRecommended Actions

Config the Java platform with Authentication.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html
ID 40812
Created Jul 07, 2015
Updated Dec 24, 2018
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows, Linux
Affected App Other