JAVA JMX interface vulnerability

Updated March 14, 2017


This article describes how to resolve the Java JMX interface vulnerability.



VMAN 6.x.x


Details from the vulnerability report:

The Java Management extensions (JMX) service on this host does not require any authentication. The JMX/RMI service is used to monitor the Java Virtual Machine (JVM), but can also be used to register a new managed bean (MBean) from a remote URL using the "" function. Using this function, a remote, unauthenticated attacker can upload and run a JAR file containing arbitrary Java code of the attacker's choosing.

An attacker can execute arbitrary Java code running with the same privileges as the JMX/RMI process.


Note: This resolution blocks the JMX ports in the appliance's firewall. Alternatively, the ports can be blocked elsewhere, depending on the customer's options.

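Log in to the VMAN appliance using SSH and execute the following commands, replacing <source_ip> and <destination_ip> with the source address permitted to reach the JMX ports and the destination address it connects to:
sudo iptables -A INPUT -p tcp --dport 1099 -s <source_ip> -d <destination_ip> -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 1099 -j DROP

sudo iptables -A INPUT -p tcp --dport 9004 -s <source_ip> -d <destination_ip> -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 9004 -j DROP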

sudo /etc/init.d/iptables save
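
An added check, not part of the original SolarWinds article: a shell function that reads `iptables -S INPUT` output and confirms that a JMX port (1099 or 9004) has a DROP rule and no unrestricted ACCEPT ahead of it. The function name, exit codes and sample listing are constructed for illustration, and the check only inspects rules that name the port.

```shell
#!/bin/sh
# check_port_rules PORT   (reads an `iptables -S INPUT` listing on stdin)
# Exit status:
#   0 = the port has a DROP rule and every ACCEPT before it is source-restricted
#   1 = no DROP rule names the port
#   2 = an ACCEPT without -s precedes the DROP, so the port is still open
# Limitation: broader rules that do not name the port are not evaluated.
check_port_rules() {
    awk -v port="$1" '
        # Only INPUT rules that match exactly this destination port.
        $1 == "-A" && $2 == "INPUT" && $0 ~ ("--dport " port "( |$)") {
            target = ""; has_src = 0
            for (i = 1; i <= NF; i++) {
                if ($i == "-j") target = $(i + 1)
                if ($i == "-s") has_src = 1
            }
            # Rules are evaluated in order: an open ACCEPT only matters
            # if it appears before the DROP for the same port.
            if (target == "ACCEPT" && !has_src && !dropped) exposed = 1
            if (target == "DROP") dropped = 1
        }
        END {
            if (!dropped) exit 1
            if (exposed) exit 2
            exit 0
        }'
}

# Constructed sample listing (not from a real appliance).
# On the appliance, pipe in the live rules instead: sudo iptables -S INPUT
sample='-P INPUT ACCEPT
-A INPUT -s 192.0.2.10/32 -d 192.0.2.20/32 -p tcp -m tcp --dport 1099 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1099 -j DROP
-A INPUT -s 192.0.2.10/32 -d 192.0.2.20/32 -p tcp -m tcp --dport 9004 -j ACCEPT'

for port in 1099 9004; do
    rc=0
    printf '%s\n' "$sample" | check_port_rules "$port" || rc=$?
    echo "port $port: status $rc"
done
```

In the sample, port 9004 reports status 1 because its DROP rule was never added.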



