KB labels


Ticket Product Version

Ticket Category

Ticket Assignee


Hot Fixes

Published Fixes
Your Arcserve Support User Profile
First Name:
Last Name:
email:
Phone:
Company:*
Customer Type:
Language:

Country:
Region:

Time zone:
Follow

arcserve-KB : Arcserve UDP | UDP Console security caused by unauthenticated JMX port

Last Update: 2016-12-14 15:11:38 UTC
Description: UDP Console expose JMX port without authentication which can be exploited by JMX remote attack and make the system unsecure. 
 
The CVE number assigned to this is CVE-2016-9927
 
This applies only to Arcserve UDP v5 and Arcserve UDP v6

Solution :
Please follow the below steps for fixing it.
1. Open registry to go to HEKY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Apache Software Foundation\ Procrun 2.0\ CAARCAppSvc\ Parameters\ Java
2. Click Options on the right-hand panel and below screenshot will show up

3. Remove the highlighted parameters in the above screenshot.
4. Restart Arcserve UDP Management Service.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments