Java Debug Wire Protocol remote code execution

Description
  • The Java Debug Wire Protocol (JDWP) is the protocol used for communication between a debugger and the Java virtual machine (VM) which it debugs (hereafter called the target VM). JDWP is one layer within the Java Platform Debugger Architecture (JPDA). JDWP does not use any authentication and could be abused by an attacker to execute arbitrary code on the affected server.
Remediation
  • Java Debug Wire Protocol (JDWP) should be disabled in production systems.
References