You are currently reviewing an older revision of this page.

DRAFT KB-XXXX Port 1099 network security vulnerability

Symptoms

Following a network vulnerability/security scan, reports indicate a violation on port 1099. The scan shows a remote Java JMX agent is configured without SSL client and password authentication.

Cause

The process listening on port 1099 is started by ActiveMQ to run the JMS broker. This process is started by default when Tomcat is started and exposes a JMX listener for monitoring/administration on port 1099 at startup.

Action

  1. Shut down the application server.
  2. Add the following line to custom.properties file in <APPIAN_HOME>/conf: 
    conf.jms.embeddedBrokerUrl=broker:(tcp://0.0.0.0:61616)?useJmx=false
  3. Start the application server.

Affected Versions

This article applies to all versions of Appian using Tomcat as an application server.

Last Reviewed: July 2019

© 2024 Appian. All rights reserved.