Common Issues Identified in Java Web Console by 3rd Party Vulnerability Scanning Tools
(Doc ID 1515974.1)
Last updated on FEBRUARY 03, 2019
Applies to: Solaris Operating System - Version 10 3/05 to 10 8/11 U10 [Release 10.0]
Information in this document applies to any platform.
Companies regularly scan their systems using vulnerability scanners like Nessus or Retina, and these applications almost always detect problems with Java Web Console running on port 6789.
This document lists these known issues, explains each one and gives details on how to resolve it.
First some guidance...
Always ensure you have the latest version of the Java Web Console patch (SPARC: 147673, X86: 147674) installed BEFORE performing your vulnerability scan.
As a general rule, you should also make sure you have the very latest Critical Patch Update (CPU) patchset applied, to ensure your entire system is free from known security vulnerabilities.
If you are not using the Java Web Console, disable it as per the details in the How to Disable the Console Service section of the System Administration Guide: Basic Administration guide.
If you are using the Java Web Console and you do not require remote access, i.e. the ability to connect to the Java Web Console from another host, then disable remote access as per the details in the Disabling Remote Access to the Oracle Java Web Console section of the System Administration Guide: Basic Administration guide.
All of these vulnerabilities only apply to Java Web Console running on port 6789.
Please consult your vulnerability scanner vendor for further assistance on any other issues identified on other ports.
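The guidance above can be checked before a scan is run. The following is an added example, not part of the original document or of any Oracle tooling: it reads `showrev -p` output to report the installed revision of the Java Web Console patch and reads `netstat -an` output to tell whether port 6789 is reachable from other hosts. The function names, the AWK variable and the sample output are assumptions made for illustration, and a POSIX shell is assumed.

```shell
#!/bin/sh
# Added example: pre-scan check for Java Web Console. Functions read command
# output on stdin, so they work on saved output as well as on a live host.
AWK=${AWK:-awk}   # assumption: POSIX awk; on Solaris 10 set AWK=nawk

# Map `uname -p` output to the patch ID this document names for that platform.
jwc_patch_id() {
    case "$1" in
        sparc) echo 147673 ;;
        i386)  echo 147674 ;;
        *)     return 1 ;;
    esac
}

# Print the highest installed revision of patch $1 from `showrev -p` on stdin.
# Returns 1 if no revision of the patch is installed.
jwc_patch_rev() {
    "$AWK" -v id="$1" '
        $1 == "Patch:" {
            split($2, p, "-")
            if (p[1] == id && (!found || p[2] + 0 > max + 0)) { max = p[2]; found = 1 }
        }
        END { if (!found) exit 1; print id "-" max }'
}

# Classify port 6789 from Solaris `netstat -an` on stdin:
# remote = non-loopback listener, local = loopback only, off = no listener.
jwc_exposure() {
    "$AWK" '
        $NF == "LISTEN" && $1 ~ /\.6789$/ {
            if ($1 ~ /^(127\.0\.0\.1|::1)\.6789$/) loc = 1; else rem = 1
        }
        END { print (rem ? "remote" : (loc ? "local" : "off")) }'
}

# Constructed sample output (revisions and package name are made up).
SAMPLE_SHOWREV='Patch: 147673-02 Obsoletes:  Requires:  Incompatibles:  Packages: EXAMPLEpkg
Patch: 147673-04 Obsoletes:  Requires:  Incompatibles:  Packages: EXAMPLEpkg'
SAMPLE_NETSTAT='      *.6789               *.*                0      0 49152      0 LISTEN
127.0.0.1.25         *.*                0      0 49152      0 LISTEN'

echo "patch:    $(printf '%s\n' "$SAMPLE_SHOWREV" | jwc_patch_rev "$(jwc_patch_id sparc)")"
echo "exposure: $(printf '%s\n' "$SAMPLE_NETSTAT" | jwc_exposure)"
# Live use: showrev -p | jwc_patch_rev "$(jwc_patch_id "$(uname -p)")"; netstat -an | jwc_exposure
```

The reported revision still has to be compared by hand with the latest revision available from My Oracle Support. A result of "remote" means a scanner on another host will reach the console.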
In this Document
SSL Certificate with Wrong Hostname
Weak and Medium Strength Ciphers Supported
Certificate Signed using Weak Hashing Algorithm
Any Other Vulnerabilities