Description
Java Management Extensions (JMX) is a Java technology that supplies tools for managing and monitoring applications, system objects, devices (e.g. printers) and service-oriented networks. Those resources are represented by objects called MBeans (for Managed Bean). In the API, classes can be dynamically loaded and instantiated. RMI (Remote Method Invocation) is a Java specific implementation of a Remote Procedure Call interface.
Remediation
In a production system is not recommended to have the JMX/RMI service publicly available. Access to this service should be restricted.
References
Related Vulnerabilities
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-14634)
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3319)
WordPress Plugin Unyson Information Disclosure (2.7.18)
WordPress Plugin LearnDash LMS Multiple Information Disclosure Vulnerabilities (4.10.2)
WordPress Plugin Credova_Financial Information Disclosure (1.4.8)