Our security team found the below issue with JDWP in JBoss. How can I fix this?
-Djavax.net.ssl.trustStorePassword=changeit -Dhttps.protocols=TLSv1 -Xdebug -Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=n -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Dorg.jboss.boot.log.file=/
Title: Java Debug Wire Protocol Remote Code Execution Vulnerability
The remote server is running Java Debug Wire Protocol service. No authentication is required if the service is enabled.
The vulnerabilities can be exploited by malicious users to execute arbitrary code.
Disable the service
Java Debug Wire Protocol Remote Code Execution Vulnerability detected on port 8787 over TCP.
Thanks, Vishnu
You just need to disable the remote debugging. Change your command options to:
-Djavax.net.ssl.trustStorePassword=changeit -Dhttps.protocols=TLSv1 -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Dorg.jboss.boot.log.file=/
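As an added example (not part of the original answer or of JBoss), the following script checks a JVM option string for JDWP agent options, reports the listen address, and prints the options with the debug flags removed. The function names are hypothetical, and the sample string is the one from the question with its truncated log-file option left out; it also matches the `-agentlib:jdwp=` form, which the thread does not mention.

```shell
#!/bin/sh
# Added example: audit a JVM option string for JDWP debug agents.
# Function names are hypothetical, not part of JBoss or the JDK.

# Print each JDWP-related option in "$1", one per line. Matches the legacy
# -Xdebug / -Xrunjdwp: form from the question and the -agentlib:jdwp= form.
# The body is a subshell so 'set -f' (no globbing while splitting, e.g. for
# address=*:8787) does not leak into the caller.
jdwp_flags() (
    set -f
    for opt in $1; do
        case "$opt" in
            -Xdebug|-Xrunjdwp:*|-agentlib:jdwp=*) printf '%s\n' "$opt" ;;
        esac
    done
)

# Succeed only when an agent option is present; -Xdebug alone opens no port.
jdwp_enabled() {
    jdwp_flags "$1" | grep -Eq '^-(Xrunjdwp:|agentlib:jdwp=)'
}

# Print the address= value of the agent option (empty if there is none).
jdwp_address() {
    jdwp_flags "$1" | sed -n 's/^-[^ ]*[:=,]address=\([^,]*\).*/\1/p'
}

# Print "$1" with every JDWP-related option removed.
strip_jdwp() (
    set -f
    out=""
    for opt in $1; do
        case "$opt" in
            -Xdebug|-Xrunjdwp:*|-agentlib:jdwp=*) ;;
            *) out="${out:+$out }$opt" ;;
        esac
    done
    printf '%s\n' "$out"
)

# Options from the question, without the truncated log-file option.
SAMPLE='-Djavax.net.ssl.trustStorePassword=changeit -Dhttps.protocols=TLSv1 -Xdebug -Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=n -Dsun.rmi.dgc.client.gcInterval=3600000'

if jdwp_enabled "$SAMPLE"; then
    echo "JDWP enabled, address: $(jdwp_address "$SAMPLE")"
    echo "Options without JDWP: $(strip_jdwp "$SAMPLE")"
fi
```

The same functions can be pointed at the value of `JAVA_OPTS` or at the command line of the running server process to confirm the flags are gone after a restart.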