Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Network Performance Monitor (NPM) > AMQP Cleartext Authentication

AMQP Cleartext Authentication

Table of contents
Created by Allain M Umalin, last modified by John Wallace on Mar 08, 2017

Views: 1,419 Votes: 1 Revisions: 11



Nessus Security Vulnerability scanner reports the following vulnerability in the SolarWinds server.


AMQP Cleartext Authentication (87733)

The remote host is running a service that allows Cleartext authentication.


The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear.


CORE 2016.1, CORE 2016.2



Solarwinds Development Team advises that solarwinds software using the RabbitMQ feature, does not send authentication in Cleartext so this really should not be a concern and is more of a false positive.


If you do need to resolve such issue, It is likely that additional polling engines are being used, there are a couple of steps you should perform.


Please first upgrade environment to CORE 2016.2 platform (NPM 12.0.1, SAM 6.3, NCM 7.5.1 etc)


You should now be able to disable port 5672 on primary polling engine, which previously in CORE 2016.1 was being used.


You can additionally, if you have no firewall, also make a change inside the RabbitMQ config file.


- How to disable Cleartext authentication mechanisms in the AMQP configuration.


To close the Clear text authentication mechanism add the line to the RabbitMQ config file.

The file is named rabbitmq.config and is located at C:\ProgramData\Solarwinds\Orion\RabbitMQ.

Add the line {tcp_listeners, []} next to {ssl_listeners, [5671]} and restart the RabbitMQ service using the Orion Service Manager.

Make sure you include the comma(,) at the end of the line otherwise the service will not start.

See example below. Run the netstat command to make sure port 5672 is closed.








Last modified
14:56, 8 Mar 2017