This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Java security issues addressed with release of new VMAN?

 Java security issues addressed with release of new VMAN?

Security team here is "hot" over discovery of unsecured Java JMX agent in our environment's VMAN 8.3.1 appliance.  https://knowledge.broadcom.com/external/article/130586/java-jmx-agent-insecure-configuration.html 

I am currently working on an Orion ecosystem rebuild, looking for confirmation that the issue is addressed in new issue.  Any information is appreciated.

Best,

Phil

  • Hi Phil,

    When you say appliance I assume you mean the legacy Linux based VM appliance. The last version of the appliance was 8.1 and it is about to be EoL. Since you mentioned you are in the midst of a rebuild it would be a good time to move everything to Orion based polling and decomission the appliance completely.