Jump to content

SCANGITTMAN

Members
  • Content Count

    2
  • Joined

  • Last visited

Profile Information

  • Location
    USA
  1. Ok thank you for your help with this. You can go ahead and close this question/topic if you'd like.
  2. Hi all. This is my first post on this forum. We are using ESET Management Center to manage our ESET software. We have an on-premise mail server running Exchange 2016 on Windows Server 2012 R2. On this server we have ESET File Security (ver 7.0.12018.0). The EMC dashboard is showing the following information regarding our Exchange server: Computer Name: SERVER-ABC.OURDOMAIN.LOCAL Threat name: (blank) Rule name: CVE-2017-5638.Struts2 Rule ID: (blank) Occurred: (several different dates/times here, spanning the last 2 months) Event: Security vulnerability exploitation Source address: 113.140.10.112 <-- this is a different IP for each of the several events showing on the dashboard Source port: 51436 Target address: (our internal server IP address) Target port: 443 Protocol: TCP Inbound: Yes Process name: System Account: (blank) Count: 1 This appears to be related to Apache, but I don't see Apache in the list of installed programs on the server. My questions are as follows: 1) is this "Security vulnerability exploitation" alert cause for concern? 2) I noticed however that Java is in the list of installed programs via Windows Control Panel. Does anyone here know if I can safely uninstall this? Based on what I've been reading, it doesn't appear to be a prerequisite to run Microsoft Exchange 2016. I don't want to cripple the server by removing it, if it's needed in some way. Thanks in advance!
×
×
  • Create New...