Intrusion Prevention

Java.JMX.Server.Insecure.Configuration.Java.Code.Execution

Description

This indicates an attack attempt to exploit a Remote Code execution Vulnerability in Java JMX Server interface.
The vulnerability is due to design flaw in the application when parsing a crafted JMX request. A remote attacker could exploit this to gain admin privileges of the target application, via a crafted JMX request.

Affected Products

Java JMX Server Interface

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Please enable SSL client certificate authentication, and enable password authentication by following vendor's documentation.
https://docs.oracle.com/javase/8/docs/technotes/guides/jmx/JMX_1_4_specification.pdf

CVE References

CVE-2015-2342