Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Prashanth Sheela (Prashanthks)
Self
Prashanth Sheela
Self
IN
Prashanthks Member since 2017 6 posts
Self
Posted: Jul 10, 2023
Last activity: Jul 10, 2023
Posted: 10 Jul 2023 3:46 EDT
Last activity: 10 Jul 2023 3:46 EDT
Closed

Enabling kafka on the servers leads to Java JMX vulnerabilities, how to prevent it or how to enable with pasowrd authentication

Hi,

Whenever we enable the Stream service on our Pega environments, we get java jmx multiple vulnerabilities because of the below settings found in the kafka diagnostics. This raises an alarm as an enterprise security violation from Pega environments

contents={key=com.sun.management.jmxremote.authenticate, value=false}

,items=((itemName=key,itemType=javax.management.openmbean.SimpleType(name=java.lang.String)),(itemName=value,itemType=javax.management.openmbean.SimpleType(name=java.lang.String)))),contents={key=com.sun.management.jmxremote.ssl, value=false}

 

Is there a way, we can avoid these statements to be printed in kafka diagnostics. Is there any configuration which can enable authentication for kafka. 

To see attachments, please log in.
Pega Platform 7.4
Pega Platform 8.8.2
Pega Platform 8.4.4
System Administration
Security
DevOps
Java and Activities
Case Management
Agent Desktop
Financial Services
System Architect
Team Lead
Senior System Architect

Related content:

Question

Enabling kafka on the servers leads to Java JMX vulnerabilities

Discussion

Build a custom task in Deployment Manager

Question Solved

How does the Pega platform scan attachments prior to upload to validate any malicious content?

Discussion

Encrypt data using Attribute-Based Access Control (ABAC)

Question

How to avoid writing the custom log message in PegaRules.log

Question

how can we create a read only opearator in pega

Question Solved

Pega personal edition 8.7 getting Vulnerabilities from postgres data base with pgadmin4 where pgadmin4 is having old version 4.

Question

How can we prevent application execute requests include XSS vulnerability ?

Question Solved

Java 2 Security enabling

Discussion

Pega Stream Jvm's showing JMX Authentication Not Enabled on Localhost Interfaces is detected

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice