IBM Support

Java Debug Wire Protocol Remote Code Execution Vulnerability reported in App Connect Enterprise when jvmDebugPort is enabled

Question & Answer


Question

You detected the following vulnerability after enabling the Java debug port in your development environment:

Java Debug Wire Protocol Remote Code Execution Vulnerability
Description: The remote server is running the Java Debug Wire Protocol service. No authentication is required if the service is enabled.
QID Detection Logic (Authenticated):
This QID executes the following command, which lists all processes found with "jdwp" on non-localhost:
    ps axo user:20,pid,pcpu,pmem,vsz,rss,tty,stat,start,time,command | grep -i -E "(Xrunjdwp:|agentlib:jdwp=)[^ ].*(server=y[^ ])"|grep -v -i -E "address=(localhost|127\.0\.0\.1[^0-9])"|grep -v grep
QID Detection Logic (Unauthenticated):
This QID connects to the remote JDWP port without authentication.
Remediation notes from Vulnerable Item:
Disable the service or filter the incoming traffic.

You are looking for recommendations to address this vulnerability.
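
An added example (not part of the IBM document or the scanner): a Python version of the authenticated check quoted above that parses the JDWP agent options from a JVM command line instead of pattern-matching them, so a reported process can be triaged by how the debug port is bound. The category names and the sample command lines are constructed for illustration, and the socket transport is assumed.

```python
import ipaddress
import re

# The two agent spellings the scanner's grep looks for.
JDWP_OPTION = re.compile(r"-(?:agentlib:jdwp=|Xrunjdwp:)(\S+)")


def is_loopback(host):
    """True for 'localhost' and any loopback IP literal (127.0.0.0/8, ::1)."""
    host = host.strip("[]").lower()
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # '*' or another hostname: not provably loopback


def classify_jdwp(cmdline):
    """Classify one JVM command line by how its JDWP agent is exposed."""
    match = JDWP_OPTION.search(cmdline)
    if not match:
        return "no-jdwp"
    opts = dict(kv.split("=", 1) for kv in match.group(1).split(",") if "=" in kv)
    if opts.get("server", "n").lower() != "y":
        return "not-listening"  # server=n: the agent dials out to a debugger
    host, sep, _port = opts.get("address", "").rpartition(":")
    if not sep or not host:
        # Port only: JDK 9+ binds localhost, older JDKs bind every interface,
        # so confirm with the JDK version or a listing of listening sockets.
        return "host-unspecified"
    return "loopback-only" if is_loopback(host) else "network-exposed"


# Constructed sample command lines (not taken from any real system).
SAMPLES = [
    "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 -jar app.jar",
    "java -agentlib:jdwp=transport=dt_socket,server=y,address=127.0.0.1:5005 -jar app.jar",
    # server=y is the last option; the quoted grep needs a character after it.
    "java -Xrunjdwp:transport=dt_socket,address=0.0.0.0:8000,server=y",
    "java -agentlib:jdwp=transport=dt_socket,server=y,address=5005 -jar app.jar",
    "java -agentlib:jdwp=transport=dt_socket,server=n,address=debughost:5005",
    "java -jar app.jar",
]

if __name__ == "__main__":
    for cmd in SAMPLES:
        print(f"{classify_jdwp(cmd):17} {cmd}")
```

Only the "network-exposed" and, depending on the JDK version, "host-unspecified" results correspond to the finding; the remediation in both cases is the one quoted above: disable the debug port or filter incoming traffic to it.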


This document is the abstract of a technical article that is available to authorized users once they have logged in. Log in to access the full document. After logging in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

More support for:
IBM App Connect Enterprise

Component:
ACE->Vulnerabilities

Software version:
All Versions

Operating system(s):
Linux, Windows

Document number:
7101006

Modified date:
28 April 2025

UID

ibm17101006
