-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Manuel and Kaydo,
On 8/6/20 09:23, Manuel Dominguez Sarmiento wrote:
> JMX is usually setup on port 1099 for monitoring the JVM. It can
> be either secured, or insecure (no password, no encryption) which
> is the default configuration. If you cannot
JMX is usually setup on port 1099 for monitoring the JVM. It can be
either secured, or insecure (no password, no encryption) which is the
default configuration.
If you cannot modify the app, then the safest bet would probably be to
block access to the port with the system firewall (for instance,
Hi Everyone,
Our security scanner has identified an application that has "Java JMX Agent
Insecure Configuration" on one of our Tomcat 8.5 servers. This server was
setup by a vendor and I am not sure what JMX is being used for or how it is
setup. Does anyone have any ideas on how to resolve th
