Following a network vulnerability/security scan, reports indicate a violation on port 1099. The scan shows a remote Java JMX agent is configured without SSL client and password authentication.
The process listening on port 1099 is started by ActiveMQ to run the JMS broker. This process is started by default when Tomcat is started and exposes a JMX listener for monitoring/administration on port 1099 at startup.
<APPIAN_HOME>/conf:
conf.jms.embeddedBrokerUrl=broker:(tcp://0.0.0.0:61616)?useJmx=false
This article applies to all versions earlier than 20.4 which use Tomcat as an application server.
Last Reviewed: January 2024