KB labels


Ticket Product Version

Ticket Category

Ticket Assignee


Hot Fixes

Published Fixes
Your Arcserve Support User Profile
First Name:
Last Name:
email:
Phone:
Company:*
Customer Type:
Language:

Country:
Region:

Time zone:
Follow

arcserve-KB : Arcserve UDP | UDP Console security caused by unauthenticated JMX port

Last Update: 2017-03-09 04:18:07 UTC
Description: UDP Console expose JMX port without authentication which can be exploited by JMX remote attack and make the system unsecure. 
 
The CVE number assigned to this is CVE-2016-9927
 
The problem is not applicable  in  UDP 6.5 
 
For installations on UDP 5 or UDP 6 please follow the below solution.

Solution :
 
Please upgrade to UDP 6.5 
 
If you still would like to continue with Arcserve UDP v5 and Arcserve UDP v6, please follow the below steps for fixing it.

1. Open registry to go to HEKY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Apache Software Foundation\ Procrun 2.0\ CAARCAppSvc\ Parameters\ Java
2. Click Options on the right-hand panel and below screenshot will show up

3. Remove the highlighted parameters in the above screenshot.
4. Restart Arcserve UDP Management Service.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments