漏洞类别:Local
漏洞等级: 
漏洞信息
The JMX server is exposed to sniffing attacks because It's authentication credentials are transferred via clear text. QID Detection Logic (Authenticated):
This QID executes "ps auxf | grep -i 'jmxremote.ssl'|grep -i -v -E "(jmxremote\.host=localhost|jmxremote\.host=127\.0\.0\.1\D|jmx\.local\.port)"|grep -v grep" commands to list all the running process on localhost interfaces then posts if any vulnerable process uses this insecure configuration "jmxremote.ssl=false".
漏洞危害
Traffic over non-SSL is unencrypted and vulnerable to sniffing attacks that can expose sensitive information about the user or the application.
解决方案
Enable SSL on the JMX server.
0daybank
文章评论