You are currently reviewing an older revision of this page.

DRAFT KB-XXXX Port 1099 network security vulnerability

Symptoms

Following a network vulnerability/security scan, reports indicate a violation on port 1099. Scan shows a remote Java JMX agent is configured without SSL client and password authentication.

Cause

The process listening on port 1099 is started by ActiveMQ to run the JMS broker. This process is started by default when we start Tomcat, and exposes a JMX listener for monitoring/administration on port 1099 at startup.

Action

  1. Shut down the Appian application server.
  2. Open the custom.properties file in <APPIAN_HOME>/conf
  3. Add the following line:
    conf.jms.embeddedBrokerUrl=broker:(tcp://0.0.0.0:61616)?useJmx=false
  4. Restart the application server.

 

Affected Versions

  • This article applies to all versions of Appian using tomcat as an application server.

Last Reviewed: Month YYYY