KB-1970 Port 1099 network security vulnerability

Symptoms

A network vulnerability or security scan reports a violation on port 1099. The scan shows that a remote Java JMX agent is configured without SSL client and password authentication.

Cause

ActiveMQ starts the process listening on port 1099 to run the JMS broker. This process starts by default when Tomcat starts and exposes a JMX listener for monitoring and administration on port 1099.

Action

  1. Shut down the application server.
  2. Add the following line to the custom.properties file in <APPIAN_HOME>/conf:
    conf.jms.embeddedBrokerUrl=broker:(tcp://0.0.0.0:61616)?useJmx=false
  3. Start the application server.
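
To confirm the change after step 3, the following added example (not Appian code; the script name check_jmx.py and the default host 127.0.0.1 are assumptions) checks that custom.properties sets useJmx=false on the broker URL and that nothing accepts TCP connections on port 1099. It handles only plain key=value property lines.

```python
import socket
import sys
from urllib.parse import parse_qs

PROP_KEY = "conf.jms.embeddedBrokerUrl"  # property name from the article


def read_property(text, key=PROP_KEY):
    """Return the last value assigned to key in .properties text, or None.

    Simplification: only plain key=value lines are handled.
    """
    value = None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment
        name, sep, rest = line.partition("=")
        if sep and name.strip() == key:
            value = rest.strip()  # a later assignment overrides an earlier one
    return value


def jmx_disabled(broker_url):
    """True only if the broker URI's query string sets useJmx=false."""
    if not broker_url or "?" not in broker_url:
        return False
    opts = parse_qs(broker_url.split("?", 1)[1])
    return [v.lower() for v in opts.get("useJmx", [])] == ["false"]


def port_open(host, port=1099, timeout=2.0):
    """True if a TCP connection to host:port is accepted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    # Usage: python check_jmx.py <path to custom.properties> [host]
    host = sys.argv[2] if len(sys.argv) > 2 else "127.0.0.1"
    with open(sys.argv[1], encoding="utf-8") as fh:
        configured = jmx_disabled(read_property(fh.read()))
    listening = port_open(host)
    print(f"useJmx=false configured: {configured}; port 1099 open: {listening}")
    sys.exit(0 if configured and not listening else 1)
```

The scan that raised the finding probed the server over the network, so pass the server's network address as the second argument and run the script from a separate host to reproduce the scanner's view.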

Affected Versions

This article applies to all versions earlier than 20.4 which use Tomcat as an application server.

Last Reviewed: January 2024
