A Nessus scan of the Thycotic PAM RabbitMQ server revealed the following vulnerability. SSL connections and settings are normally configured on this server. Despite this, the finding still appeared.
Description
Synopsis
The remote host is running a service that allows cleartext authentication.
Description
The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear.
Solution
Disable cleartext authentication mechanisms in the AMQP configuration.
Output
CVE IDs: null
DNS Name: RABBITMQ.systemconf.local
NetBIOS Name: SYSTEMCONF\RABBITMQ
Solution to Vulnerability
My research showed that this vulnerability is on the RabbitMQ server itself. On the RabbitMQ server, add the line "listeners.tcp = none" to the "C:\RabbitMQ\rabbitmq.conf" file and restart the RabbitMQ service. When the Nessus scan is run again, this vulnerability will be resolved.
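The check below is an added example, not part of the original post or of RabbitMQ or Thycotic tooling. It shows why a server with SSL already configured can still be flagged: RabbitMQ keeps its default plain listener on port 5672 until "listeners.tcp = none" is set. The function names, sample configurations and certificate placeholder are constructed for illustration.

```python
# Added example: audit rabbitmq.conf text for cleartext AMQP listeners.

def parse_conf(text):
    """Parse 'key = value' lines; lines starting with '#' are comments."""
    settings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        settings.append((key, value))
    return settings

def audit(text):
    """Return a list of findings; an empty list means AMQP is TLS-only."""
    settings = parse_conf(text)
    tcp_none = any(k == "listeners.tcp" and v.lower() == "none"
                   for k, v in settings)
    tcp_named = [(k, v) for k, v in settings if k.startswith("listeners.tcp.")]
    ssl_named = [(k, v) for k, v in settings if k.startswith("listeners.ssl.")]
    # Conservative: any named plain listener is reported, whatever else is set.
    findings = [f"plain TCP listener: {k} = {v}" for k, v in tcp_named]
    if not tcp_none and not tcp_named:
        # With no listeners.tcp key at all, the default listener on 5672 stays up.
        findings.append("no listeners.tcp setting: default plain listener "
                        "on 5672 stays enabled")
    if not ssl_named:
        findings.append("no listeners.ssl.* entry: clients have no TLS "
                        "listener to connect to")
    return findings

# Constructed sample: TLS is configured, but the plain listener was never disabled.
BEFORE = """\
# constructed sample, not the server's real file
listeners.ssl.default = 5671
ssl_options.certfile = <path-to-certificate>
"""

# Same file with the fix from the post applied.
AFTER = BEFORE + "listeners.tcp = none\n"

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(conf) or "TLS-only")
```

Because "listeners.tcp = none" removes the plain listener entirely, every AMQP client must already be pointed at the TLS listener before the service is restarted.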