Is there a fix or workaround for the ITCAM for WAS Java JMX Server Insecure Configuration Remote Code Execution Vulnerability?

Question & Answer

Question

Is there a fix or workaround for the ITCAM for WAS Java JMX Server Insecure Configuration Remote Code Execution Vulnerability which had the following RFE opened for it-

http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=122360

Answer

At this time a fix has not yet been released. However, if applicable the following workaround can be used-

The WasJMXServer process is required only for DC-less monitoring. If all the WebSphere servers in the your environment are configured with DC, then this process is not required. So assuming that you are not using DC-less monitoring you can do the following:

Turn off this process and hence remove the security vulnerability. To do this:

1. Go to <DC_HOME>/7.2.0.0.15/runtime/custom directory.

2. Rename the file connection.properties with a different extension (or move it out of this directory).

3. Restart the kynagent process.

4. Verify the WasJMXServer process is not running. Rerun the security scan to confirm the vulnerability is gone.

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS3PGL","label":"Tivoli Composite Application Manager for WebSphere"},"Component":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"7.2","Line of Business":{"code":"LOB45","label":"Automation"}}]

Product Synonym

ITCAM for AD, ITCAM for Applications

Was this topic helpful?

Document Information

Modified date:
27 July 2021

UID

ibm15736993

Tips