Docker Jmxremote Ssl Disabled In Env
Description
Detects when Java Management Extensions (JMX) remote connections have SSL/TLS encryption explicitly disabled in Docker configurations. This creates a significant security risk as JMX traffic containing sensitive management and monitoring data would be transmitted in plaintext.
Detection Strategy
• Search Docker configuration files for JVM arguments
• Look for the exact parameter '-Dcom.sun.management.jmxremote.ssl=false'
• Flag any line containing this parameter as it indicates disabled SSL encryption for JMX connections
• Configuration must explicitly set the ssl parameter to 'false' to trigger detection
Vulnerable code example
FROM alpine:latest
# Insecure: Disabling JMX SSL exposes management interface to attacks
ENV JAVA_OPTS="-Dcom.sun.management.jmxremote.ssl=false"
ENTRYPOINT ["java", "-jar", "app.jar"]✅ Secure code example
FROM alpine:latest@sha256:124c7d2707904eea7431fffe091cd89925cccc5d3241ccb8c8bdf2cf9f109438
# Create non-root user
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
# Copy application with defined path
COPY app.jar /app/app.jar
...Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.