Java.JMX.Insecure.Endpoints.Remote.Access
Description
This indicates detection of an scanning attempt to check whether a Java Management Extensions (JMX) interface is accessible remotely.
A JMX interface without security setting is unsafe for the public Java Application Platform. Any remote user who knows (or recon) your JMX port number and host name will be able to monitor and control your Java application and platform. Ab attacker can run the scanner to check if there are any JMX interfaces accessible remotely for exploitation.
Affected Products
Any JMX without security setting
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Restrict and monitor remote and public access to JMX interface.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-01-04 | 13.518 |