Detections
Analytics
Java Debug Wire Protocol Detection
high Nessus Plugin ID 58400
Language:
Synopsis
A debugger service is running on the remote host.Description
A Java Debug Wire Protocol (JDWP) server was detected on the remote host. This is a network protocol that allows debugging of a remote Java virtual machine. Authentication is not required to access this service. A remote, unauthenticated attacker could connect to this service and execute arbitrary Java code.Depending on the application being debugged, it is possible that this service will stop running after it has been detected by Nessus. As such, this plugin only runs if 'Safe checks' have been disabled.
Solution
Filter incoming traffic to this port or disable this service.See Also
https://docs.oracle.com/javase/1.5.0/docs/guide/jpda/
https://docs.oracle.com/javase/1.5.0/docs/guide/jpda/jdwp-spec.html
Plugin Details
Severity: High
ID: 58400
File Name: jdwp_detect.nasl
Version: 1.8
Type: remote
Family: Service detection
Published: 3/20/2012
Updated: 10/19/2022
Configuration: Enable thorough checks
Asset Inventory: true
Supported Sensors: Nessus
Risk Information
CVSS Score Rationale: Score based on in depth analysis by tenable.
CVSS v2
Risk Factor: High
Base Score: 7.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: manual
CVSS v3
Risk Factor: High
Base Score: 8.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Vulnerability Information
CPE: cpe:/a:oracle:jre
Required KB Items: Settings/ThoroughTests
Excluded KB Items: global_settings/disable_service_discovery