CAPM Application VA Assessment - JMX Server

Article ID: 224611

Products

CA Performance Management - Usage and Administration

Issue/Introduction

We received an application vulnerability assessment (VA) report for the CAPM application server.

Scanner: Qualys

Ports: 11099 and 1099

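| Application | OS       | Type | Title                                      | Severity | Solution                      |
|-------------|----------|------|--------------------------------------------|----------|-------------------------------|
| DA          | RHEL 7.3 | JMX  | JMX Server Allows Clear Text Authentication | 2        | Enable SSL on the JMX server. |
| DC          | RHEL 7.3 | JMX  | JMX Server Allows Clear Text Authentication | 2        | Enable SSL on the JMX server. |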

Cause

The product currently uses clear text on the JMX server; a feature to enable SSL for it is planned.

Environment

Release: 21.2

Component: IM Data Aggregator

Resolution

A feature to fix this vulnerability is already planned.

This is in the Engineering backlog.

Currently there is no ETA.

Workaround:

Block ports 1099 (DA/DC) and 11099 (AMQ) via iptables/firewall.

Allow only localhost to access them.
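
One way to script this workaround with iptables, as an added example that is not from the original article or the product documentation. The function names, the APPLY switch and the sample `ss -ltn` output are assumptions made for illustration; only the two port numbers come from the article.

```shell
#!/bin/sh
# Restrict the JMX ports from the workaround to loopback-only access.
JMX_PORTS="1099 11099"   # 1099 = DA/DC, 11099 = AMQ (from the article)

# iptables arguments for one port: drop TCP traffic to the port unless it
# arrived on the loopback interface.
rule_args() {
    printf '%s' "INPUT ! -i lo -p tcp --dport $1 -j DROP"
}

# Dry run by default (prints the commands). With APPLY=1 and root privileges
# the rules are inserted; "iptables -C" skips rules that already exist.
restrict_jmx() {
    for port in $JMX_PORTS; do
        args=$(rule_args "$port")
        if [ "${APPLY:-0}" = "1" ]; then
            iptables -C $args 2>/dev/null || iptables -I $args
        else
            echo "iptables -I $args"
        fi
    done
}

# Read "ss -ltn" output on stdin and print each listener on a JMX port that
# is bound to a non-loopback address, i.e. one that relies on the firewall.
exposed_listeners() {
    awk -v ports="$JMX_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "LISTEN" {
            addr = $4; port = $4
            sub(/.*:/, "", port); sub(/:[^:]*$/, "", addr)
            if ((port in want) && addr != "127.0.0.1" && addr != "::1" && addr != "[::1]")
                print $4
        }'
}

# Constructed sample of "ss -ltn" output (not captured from a real host).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      50     *:1099             *:*
LISTEN 0      128    127.0.0.1:11099    *:*
LISTEN 0      128    *:22               *:*'

restrict_jmx
printf '%s\n' "$SAMPLE_SS" | exposed_listeners
```

Rules inserted this way cover IPv4 only and do not survive a reboot; `ip6tables` accepts the same arguments for IPv6, and the rules need to be saved with whatever firewall tooling the host uses.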