CA Privileged Access Manager (PAM)
CA Privileged Access Manager - Cloakware Password Authority (PA)
CA Privileged Access Manager - Server Control (PAMSC)
Issue/Introduction
An nmap scan of port 27077 shows the Jetty 5.1.15 header. This should be removed for audit purposes.
C:\NMAP\nmap-7.80>nmap -sV -Pn -p 27077 <CA PAM Proxy Hostname / IP Address>
Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-29 15:02 India Standard Time
Nmap scan report for <CA PAM Proxy Hostname / IP Address>
Host is up (0.24s latency).
PORT STATE SERVICE VERSION (This is the header)
27077/tcp open http Jetty 5.1.15 (Windows Server 2016/10.0 x86 java/1.8.0_201)
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 16.44 seconds
Environment
Release : 3.1.1 and higher
Component : PRIVILEGED ACCESS MANAGEMENT
Cause
The Jetty header values shown in the nmap response are not a listed vulnerability. Even if the default port is changed and a scan is run against the new port, the same results are displayed.
The display of the header values for Jetty is not a classified vulnerability and does not impact the way the product works.
Resolution
According to the engineering team, this is the expected behavior. A product enhancement would be needed to change this behavior, and this is not a classified vulnerability.
The only other possibility is to use the "Windows Remote" connector for the Windows Target device in place of deploying CA PAM Proxy.
Refer to the product documentation on 'Windows Remote' and 'CA PAM Proxy' to learn more and choose the best option.
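The following is an added example, not CA PAM code or part of the original article: it parses the port lines of `nmap -sV` output like the scan above, so the known Jetty banner on 27077 can be recorded as an accepted audit finding while any new or changed version banner is flagged for review. The `ACCEPTED` allowlist, the function names and the two extra sample lines are assumptions made for illustration.

```python
import re

# Port line in nmap's normal output: "<port>/<proto> <state> <service> [<version info>]"
PORT_LINE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+(?P<service>\S+)(?:\s+(?P<version>.+))?$"
)

# Assumption: banners the audit has already accepted, keyed by (port, proto).
# The value is the product string taken from the scan on this page.
ACCEPTED = {(27077, "tcp"): "Jetty 5.1.15"}


def parse_port_lines(nmap_text):
    """Return one dict per open port found in `nmap -sV` normal output."""
    findings = []
    for raw in nmap_text.splitlines():
        m = PORT_LINE.match(raw.strip())
        if not m or m["state"] != "open":
            continue  # skips the column header, banners and closed ports
        findings.append({"port": int(m["port"]), "proto": m["proto"],
                         "service": m["service"],
                         "version": (m["version"] or "").strip()})
    return findings


def classify(findings, accepted=ACCEPTED):
    """Split findings into accepted banners, banners to review, and silent ports."""
    result = {"accepted": [], "review": [], "no_banner": []}
    for f in findings:
        expected = accepted.get((f["port"], f["proto"]))
        if not f["version"]:
            result["no_banner"].append(f)
        elif expected and f["version"].startswith(expected):
            result["accepted"].append(f)
        else:
            result["review"].append(f)  # unknown port or changed banner
    return result


# Constructed sample: the port line from this page plus two invented lines.
SAMPLE = """\
PORT      STATE SERVICE VERSION
27077/tcp open  http    Jetty 5.1.15 (Windows Server 2016/10.0 x86 java/1.8.0_201)
8443/tcp  open  https   ExampleServer 1.0
3389/tcp  open  ms-wbt-server
"""

if __name__ == "__main__":
    for bucket, items in classify(parse_port_lines(SAMPLE)).items():
        print(bucket, [(i["port"], i["version"]) for i in items])
```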