Intrusion Prevention

Java.Management.Extensions.Insecure.Remote.Access

Description

This indicates detection of an Insecure Remote Access to a Java Management Extensions (JMX) interface.
A JMX interface without security setting is unsafe for the public Java Application Platform. Any remote user who knows (or recon) your JMX port number and host name will be able to monitor and control your Java application and platform. While it may be acceptable for development, it is not recommended for production systems.

Affected Products

Any JMX without security setting

Impact

Denial of Service: Remote attackers can crash vulnerable systems

Recommended Actions

Config the Java platform with Authentication.