This document provides instructions to help you prevent third parties from exploiting your Wowza™ media server software through Java Management Extensions (JMX) access. Follow the instructions below to prevent a third-party from exploiting this vulnerability to negatively affect your streaming applications and more—in the worst case, taking control of your media server.
The Java Management Extensions (JMX) interface in Wowza media server software exposes Java application components through a unified object interface. This interface can then be consumed by open source and commercial monitoring tools such as HP OpenView, OpenNMS, JConsole, and VisualVM.
Review the instructions in How to use JConsole with Wowza media server software to verify that your JMX configuration is configured correctly.
Do ONE of the following:
admin readonly monitorRole readonly controlRole readonly
Restart your media server software to apply the change. For more information, see How to start and stop Wowza Streaming Engine software.