Not a customer? Click the 'Start a free trial' link to begin a 30-day SaaS trial of our product and to join our community.
Existing Cisco AppDynamics customers should click the 'Sign In' button to authenticate to access the community
04-11-2017 06:58 AM
Hi
We are gearing up to be audited for PCI. How can I achieve the above result so that we can get a clean scan on our servers?
Here is more info:
TCP Port 9091
[root@01 ~]# netstat -putan | egrep "9091"
tcp 0 0 :::9091 :::* LISTEN 2318/java
[root@01 ~]# ps aux | grep 2318
root 555 0.0 0.0 103320 844 pts/0 R+ 14:42 0:00 grep 2318
root 2318 0.1 4.1 7854504 336264 ? Sl Feb10 151:56 /opt/appdynamics/machine-agent/jre/bin/java -Dlog4j.configuration=file:/opt/appdynamics/machine-agent/conf/logging/log4j.xml -jar /opt/appdynamics/machine-agent/machineagent.jar
[root@01 ~]# /opt/appdynamics/machine-agent/jre/bin/java -version
java version "1.8.0_74"
Java(TM) SE Runtime Environment (build 1.8.0_74-b02)
Java HotSpot(TM) 64-Bit Server VM (build 25.74-b02, mixed mode)
Thanks
Kobus
04-11-2017 10:32 AM
Hi Kobus,
Is this vulenaribility discovered on an AppDynamics Contoller endpoint? If so could you please share the endpoint URL?
Machine Agent is not a web server, so I do not see the connection.
Regards,
Saradhi
04-12-2017 01:35 AM
Hi
Thank you fo rthe reply.
In answer:
Well it is on one, and only one of our servers. It is not on an endpoint, just a normal server with the client installed.
So yes, I dont understand that either. I might just reinstall the client and see what happens.
Kobus
04-12-2017 01:41 AM
04-12-2017 01:49 AM
Well, there is, but the other webservers does not have this port 9091 open. Just this one process as I listed in my original post.
04-12-2017 03:58 AM
It would give a better idea how the vulnearibility scanner detects this vulnerability on 9091. It should be calling some end point otherwise I do not see an issue of XSS.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 |
Thank you! Your submission has been received!
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form