We received an Application VA Assessment on the CAPM application server.
Scanner : Qualys
Port: 11099 and 1099
Application | OS | Type | Title | Severity | Solution |
DA | RHEL 7.3 | JMX | JMX Server Allows Clear Text Authentication | 2 | Enable SSL on the JMX server. |
DC | RHEL 7.3 | JMX | JMX Server Allows Clear Text Authentication | 2 | Enable SSL on the JMX server. |
Release : 21.2
Component : IM Data Aggregator
The product currently uses clear text for JMX. A feature to enable SSL, which will fix this vulnerability, is already planned.
The feature is in the Engineering backlog.
There is currently no ETA.
Workaround:
Block ports 1099 (DA/DC) and 11099 (AMQ) via iptables/firewall.
Allow only localhost to access them.
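
The workaround above as an added example (not from the vendor or the original article): a shell script that prints iptables rules limiting ports 1099 and 11099 to the loopback interface, plus a check that audits `iptables -S INPUT` output for them. The function names, the choice of DROP as the blocking target, and the `print`/`apply`/`audit` arguments are assumptions.

```shell
#!/bin/sh
# Added example, not vendor code. Ports are the ones named in the article:
# 1099 (DA/DC JMX) and 11099 (AMQ JMX).
JMX_PORTS="1099 11099"

# Print the iptables commands: accept loopback, drop every other interface.
jmx_rules() {
    for port in $JMX_PORTS; do
        echo "iptables -I INPUT 1 -i lo -p tcp --dport $port -j ACCEPT"
        echo "iptables -I INPUT 2 ! -i lo -p tcp --dport $port -j DROP"
    done
}

# Audit `iptables -S INPUT` output read from stdin. For each port, the first
# rule that names the port and is not loopback-only must be DROP or REJECT.
# Limitation: multiport rules and earlier catch-all ACCEPT rules are not
# analysed, so review those by hand.
jmx_audit() {
    awk -v ports="$JMX_PORTS" '
        BEGIN { n = split(ports, p, " ") }
        /^-A INPUT / {
            # "-i lo" without a leading "!" only matches loopback traffic
            if ($0 ~ / -i lo / && $0 !~ /! -i lo /) next
            for (i = 1; i <= n; i++)
                if (!(p[i] in seen) && $0 ~ ("--dport " p[i] " "))
                    seen[p[i]] = ($0 ~ /-j (DROP|REJECT)/)
        }
        END {
            for (i = 1; i <= n; i++)
                if (!seen[p[i]]) {
                    print "port " p[i] " reachable from non-loopback" > "/dev/stderr"
                    bad = 1
                }
            exit bad
        }'
}

# Usage (run as root for apply/audit):
#   ./jmx-lockdown.sh print   # show the rules only
#   ./jmx-lockdown.sh apply   # insert the rules into the running ruleset
#   ./jmx-lockdown.sh audit   # check the running ruleset
case "${1:-}" in
    print) jmx_rules ;;
    apply) jmx_rules | sh ;;
    audit) iptables -S INPUT | jmx_audit ;;
esac
```

Rules inserted this way do not survive a reboot or a firewall service reload; persist them with whatever mechanism the host already uses for its firewall configuration.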