A security scan suggests that DLP Detection Server is affected by the "Java Debug Wire Protocol Remote Code Execution Vulnerability".
You will see the "Java Debug Wire Protocol Remote Code Execution Vulnerability" alert when someone has enabled the Java debug port. This message does not represent a vulnerability in itself. The debug port allows the user to interact with the runtime environment from the App Connect Enterprise toolkit (which is the 'remote code execution' reference). The solution to this issue is not to use or enable the debug port.
This is not considered an issue because the Java debug port must only be used in your isolated debug or test environment with no outside access.
Also, no one would be able to exploit the debug port unless they had already gained access to your network.
Release: 16.x
Check the SymantecDLPEnforceConnector.conf file for the following lines:
# Java Additional Parameters - jdb debugging
#wrapper.java.additional.101=-Xdebug
#wrapper.java.additional.202=-Xrunjdwp:transport=dt_socket,address=5009,server=y,suspend=n
As long as the last two lines are commented out, DLP is not susceptible to the "Java Debug Wire Protocol Remote Code Execution Vulnerability".
By default, the remote debugging port is not enabled, and this default should not be changed, so DLP is not susceptible to this issue.
The default location for the SymantecDLPEnforceConnector.conf file, on the Detection Server, is:
Linux: /opt/Symantec/DataLossPrevention/DetectionServer/Services/
Windows: C:\Program Files\Symantec\DataLossPrevention\DetectionServer\Services\
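The check described above can be scripted. The following is an added example, not code from Symantec or from this article; the function name and sample text are hypothetical, and it goes slightly beyond the two lines shown by also flagging the newer -agentlib:jdwp form of the same JVM option.

```python
import re
import sys

# An active (uncommented) Java Service Wrapper JVM-argument line.
_ARG = re.compile(r"^\s*wrapper\.java\.additional\.(\d+)\s*=\s*(.*?)\s*$")
# JVM options that enable JDWP remote debugging (old and new syntax).
_JDWP = re.compile(r"-Xdebug\b|-Xrunjdwp:|-agentlib:jdwp\b")
_ADDR = re.compile(r"address=([^,\s]+)")

# Constructed sample input: the default (commented) lines from the article,
# and the same lines with the leading '#' removed.
SAMPLE_DEFAULT = """\
# Java Additional Parameters - jdb debugging
#wrapper.java.additional.101=-Xdebug
#wrapper.java.additional.202=-Xrunjdwp:transport=dt_socket,address=5009,server=y,suspend=n
"""
SAMPLE_ENABLED = SAMPLE_DEFAULT.replace("#wrapper", "wrapper")


def find_active_jdwp(conf_text):
    """Return [(line_no, option, address_or_None)] for uncommented JDWP options."""
    findings = []
    for line_no, line in enumerate(conf_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # commented out: the safe default state
        m = _ARG.match(line)
        if not m or not _JDWP.search(m.group(2)):
            continue  # not a JVM argument, or unrelated to debugging
        addr = _ADDR.search(m.group(2))
        findings.append((line_no, m.group(2), addr.group(1) if addr else None))
    return findings


if __name__ == "__main__":
    # Usage: python check_jdwp.py <path to SymantecDLPEnforceConnector.conf>
    # Without an argument, the constructed SAMPLE_ENABLED text is checked.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_ENABLED
    hits = find_active_jdwp(text)
    for line_no, option, addr in hits:
        print(f"line {line_no}: debug option active ({option}), address: {addr}")
    sys.exit(1 if hits else 0)  # non-zero exit when the debug port is enabled
```

An exit status of 0 means no active debug option was found; after commenting the lines out again, the service must be restarted for the running JVM to drop the listener.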