Description

Java Management Extensions (JMX) is a Java technology that supplies tools for managing and monitoring applications, system objects, devices (e.g. printers) and service-oriented networks. Those resources are represented by objects called MBeans (for Managed Bean). In the API, classes can be dynamically loaded and instantiated. RMI (Remote Method Invocation) is a Java specific implementation of a Remote Procedure Call interface.

Remediation

In a production system is not recommended to have the JMX/RMI service publicly available. Access to this service should be restricted.

References

Related Vulnerabilities