Submit a ticketCall us

WebinarFREE IT Monitoring Webcast

Don’t miss out on our webcast, Essential IT Monitoring with SolarWinds ipMonitor, where we will show you how to keep an eye on your IT environment from one centralized, affordable, and lightweight monitoring tool: SolarWinds® ipMonitor®.

Register now.

Home > Success Center > Network Performance Monitor (NPM) > NPM - Knowledgebase Articles > AMQP Cleartext Authentication

AMQP Cleartext Authentication

Table of contents
Created by Allain M Umalin, last modified by John Wallace on Mar 08, 2017

Views: 7,394 Votes: 1 Revisions: 11



Nessus Security Vulnerability scanner reports the following vulnerability in the SolarWinds server.


AMQP Cleartext Authentication (87733)

The remote host is running a service that allows Cleartext authentication.


The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear.


CORE 2016.1, CORE 2016.2



Solarwinds Development Team advises that solarwinds software using the RabbitMQ feature, does not send authentication in Cleartext so this really should not be a concern and is more of a false positive.


If you do need to resolve such issue, It is likely that additional polling engines are being used, there are a couple of steps you should perform.


Please first upgrade environment to CORE 2016.2 platform (NPM 12.0.1, SAM 6.3, NCM 7.5.1 etc)


You should now be able to disable port 5672 on primary polling engine, which previously in CORE 2016.1 was being used.


You can additionally, if you have no firewall, also make a change inside the RabbitMQ config file.


- How to disable Cleartext authentication mechanisms in the AMQP configuration.


To close the Clear text authentication mechanism add the line to the RabbitMQ config file.

The file is named rabbitmq.config and is located at C:\ProgramData\Solarwinds\Orion\RabbitMQ.

Add the line {tcp_listeners, []} next to {ssl_listeners, [5671]} and restart the RabbitMQ service using the Orion Service Manager.

Make sure you include the comma(,) at the end of the line otherwise the service will not start.

See example below. Run the netstat command to make sure port 5672 is closed.








Last modified