[MNT-15544] CLONE - Remote access via JMX should be disabled by default Created: 20-Jan-16  Updated: 12-Feb-16  Resolved: 22-Jan-16

Status: Closed
Project: Service Packs and Hot Fixes
Component/s: Installer, JMX
Affects Version/s: 4.1, 4.2, 5.0
Fix Version/s: 5.0.3

Type: Bug
Reporter: Stefan Kopf Assignee: Closed Bugs
Resolution: Fixed Votes: 0
Labels: HFCreated, releasenotes, triaged
Remaining Estimate: 0 minutes
Time Spent: 6 hours, 32 minutes
Original Estimate: Not Specified

Attachments: PNG File jmxRemote.png     PNG File screenshot-1.png    
Issue Links:
Cloners
Dependency
Related
relates to MNT-7131 Bitrock Installer: Remote JMX connect... Closed
is related to by MNT-11275 alfresco-jmxrmi.password file not ove... Closed
Bug Priority:
Category 1
Security Issue:
Yes
Build Location: https://releases.alfresco.com/Enterprise-5.0/5.0.3/build-00084/ALL/

 Description   

Alfresco is set up by default with a JMX account that has administrator privileges and a well known password.

This password is not updated by the installer and it is not documented that you need to change this password after installation.

A reference to this account can only be found in the developer documentation:
http://docs.alfresco.com/5.0/tasks/jmx-access.html
https://wiki.alfresco.com/wiki/JMX#Connecting_through_JMX_Consoles_.2F_JSR-160


Generated at Mon Aug 10 18:00:30 BST 2020 using Jira 7.13.15#713015-sha1:7c5ddd2c3e1709974ae9c48c17df8edd3919fe2c.