Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Java Remote Management Platform Plaintext Password Detection

Medium

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote server is managed by a Java JConsole. Further, the server is configured to accept plaintext credentials. This can be dangerous if an attacker can gain access to network traffic.

Solution

Require remote clients to use an encrypted session.