28 May 2021 08:24 AM
Hello Everyone,
From the VA scan report, we have found the vulnerability "JMX Authentication Not Enabled on Localhost Interface", which is about SSRF attacks or privilege escalation on the Cassandra process of Dynatrace Managed. So we need to know what we can do to secure against this vulnerability.
Thank you,
Dynatrace Askme.
01 Jun 2021 12:54 AM
Hi AskMe Solutions,
Dynatrace Managed Cassandra nodes don't have authentication and authorization enabled. Dynatrace Managed mitigates that risk by automatically putting IP table rules (firewall rules) in place, which make sure that only Dynatrace server nodes are able to access the Cassandra port on the Cassandra nodes. Cassandra is used only by Dynatrace Managed internally.
Dynatrace Managed creates a dedicated user "dynatrace" in group "dynatrace" that is used for Cassandra. The user dynatrace is a non-privileged service user (no console) and is not used for anything other than Dynatrace Managed.
If you have further queries about this, I suggest opening a ticket with Dynatrace Support, or chatting with a specialist using the in-product live chat function.
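The mitigation described in the answer depends on firewall rules that admit only Dynatrace server nodes to the Cassandra port. As an added example (not Dynatrace's code and not part of the original posts), this Python check audits saved `iptables -S INPUT` output for that property. Assumptions: port 9042, the node addresses and both rule sets are constructed, and jumps to other chains, port ranges and multiport matches are not followed.

```python
import ipaddress
import shlex

def audit_port(rules, port, allowed_sources):
    """Walk `iptables -S INPUT` lines in order; list ways tcp/<port> is open to others."""
    allowed = [ipaddress.ip_network(s) for s in allowed_sources]
    findings, policy = [], "ACCEPT"
    for line in rules:
        tok = shlex.split(line)
        if tok[:2] == ["-P", "INPUT"]:
            policy = tok[2]
        if tok[:2] != ["-A", "INPUT"]:
            continue
        opt = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1) if tok[i].startswith("-")}
        target = opt.get("-j")
        state = opt.get("--ctstate") or opt.get("--state")
        if (opt.get("-i") == "lo"                              # loopback traffic only
                or target not in ("ACCEPT", "DROP", "REJECT")  # jumps to other chains: not followed
                or opt.get("-p", "all") not in ("tcp", "all")
                or opt.get("--dport", str(port)) != str(port)  # rule is for another port
                or (state and "NEW" not in state.split(","))): # cannot open a new connection
            continue
        src = ipaddress.ip_network(opt.get("-s", "0.0.0.0/0"))
        if "!" in tok:
            findings.append(f"negated match, review by hand: {line}")
        elif target == "ACCEPT":
            if not any(src.subnet_of(net) for net in allowed):
                findings.append(f"ACCEPT from non-allowlisted source {src}: {line}")
        elif src.prefixlen == 0:
            return findings  # DROP/REJECT for every remaining source: port is closed
    if policy == "ACCEPT":
        findings.append("no closing DROP/REJECT rule and the INPUT policy is ACCEPT")
    return findings

# Constructed sample data: addresses, port and rule sets are illustrative only.
SERVER_NODES = ["10.0.0.11", "10.0.0.12"]
RESTRICTED = [
    "-P INPUT DROP",
    "-A INPUT -i lo -j ACCEPT",
    "-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT",
    "-A INPUT -s 10.0.0.11/32 -p tcp -m tcp --dport 9042 -j ACCEPT",
    "-A INPUT -p tcp -m tcp --dport 9042 -j DROP",
]
EXPOSED = [
    "-P INPUT ACCEPT",
    "-A INPUT -s 192.0.2.50/32 -p tcp -m tcp --dport 9042 -j ACCEPT",
]

if __name__ == "__main__":
    print(audit_port(RESTRICTED, 9042, SERVER_NODES), audit_port(EXPOSED, 9042, SERVER_NODES))
```

An empty list means every rule that can open the port names an allowlisted source and the remaining traffic is dropped; each string in a non-empty list is one rule or policy to review.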