PowerPath：Tenableの脆弱性がポート9083をスキャンすると、ピアによって接続がリセットされる

Summary: PowerPath for Windows 7.2.X Remote Management with Mutual Transport Layer Security (mTLS)は、Tenableの脆弱性がポート9083をスキャンすると、最大ソケット接続制限に達し、ピアによって接続がリセットされます。

This article applies to This article does not apply to

Symptoms

Tenableスキャンソフトウェアがポート9083をスキャンすると、mTLSが有効なPowerPathリモート管理プロセスが失敗し、最終的に最大ソケット接続数に達し、ピアによる接続リセットのメッセージがログに記録されます。

PPMA GUIでは、切断ステータスは次のポーリングサイクルまで表示されません。ポーリングサイクルが実行されると、サーバーは最終的に GUI に切断済みとして表示されます (赤)。

## Windows リモート管理アプリケーションイベントログ

07/23/2023 07:05:23 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:23 PM  Information   HOSTNAME 2       EmcPowerPathManagementComponent  EMC PowerPath Information:  Management Component: Info: SSPI decryption failed. InitSSLServerSchannel(): Failed to query the client.
07/23/2023 07:05:19 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:19 PM  Error         HOSTNAME 4       EmcPowerPathManagementComponent  EMC PowerPath Error:  Management Component: Error: Socket library: send - Connection reset by peer. (err=10054).
07/23/2023 07:05:18 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:18 PM  Error         HOSTNAME 4       EmcPowerPathManagementComponent  EMC PowerPath Error:  Management Component: Error: Socket library: send - Connection reset by peer. (err=10054)

## PPMA DataCollectorログ

ERROR 19:16:08.320 [AnonymousIoService-6] c.e.p.d.hosts.impl.HostAgentListener - Internal error occurred in the connection to HOSTNAME.DOMAIN.COM:9083
WARN  19:16:08.321 [AnonymousIoService-6] c.e.p.d.h.impl.HostAgentConnector - java.lang.Exception: Invalid Header Tag       ??U? (Hexdump: 15 03 03 00 1A 00 00 00 00 00 00 00 01 99 FB 16 55 98 19 50 B2 E1 87 35 F2 0D 26 E6 F4 A1 6D)
org.apache.mina.filter.codec.ProtocolDecoderException: java.lang.Exception: Invalid Header Tag       ??U? (Hexdump: 15 03 03 00 1A 00 00 00 00 00 00 00 01 99 FB 16 55 98 19 50 B2 E1 87 35 F2 0D 26 E6 F4 A1 6D)
    at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:165)
    at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
    at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
    at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
    at org.apache.mina.filter.support.SSLHandler.flushScheduledEvents(SSLHandler.java:275)
    at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:427)
    at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
    at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
    at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
    at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:220)
    at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:264)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
Caused by: java.lang.Exception: Invalid Header Tag       ??U?
    at com.emc.powerpath.datacollector.remote.nio.mina.client.codec.AgentResponseDecoder.getExpectedBytes(AgentResponseDecoder.java:64)
    at com.emc.powerpath.datacollector.remote.nio.mina.client.codec.AgentResponseDecoder.doDecode(AgentResponseDecoder.java:117)
    at org.apache.mina.filter.codec.CumulativeProtocolDecoder.decode(CumulativeProtocolDecoder.java:133)
    at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:158)
    ... 14 common frames omitted
WARN  19:16:08.325 [AnonymousIoService-14] c.e.p.d.h.impl.HostAgentConnector - Connection reset by peer
java.io.IOException: Connection reset by peer
    at sun.nio.ch.FileDispatcherImpl.read0(Native Method)
    at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
    at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
    at sun.nio.ch.IOUtil.read(IOUtil.java:197)
    at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:378)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:218)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
WARN  19:16:08.325 [AnonymousIoService-14] c.e.p.d.h.impl.HostAgentConnector - Broken pipe
java.io.IOException: Broken pipe
    at sun.nio.ch.FileDispatcherImpl.write0(Native Method)
    at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:47)
    at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)
    at sun.nio.ch.IOUtil.write(IOUtil.java:65)
    at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:469)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.doFlush(SocketIoProcessor.java:414)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.doFlush(SocketIoProcessor.java:332)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$500(SocketIoProcessor.java:45)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:488)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
ERROR 19:16:08.325 [AnonymousIoService-14] c.e.p.d.hosts.impl.HostAgentListener - Connection to HOSTNAME.DOMAIN.COM:9083 has been lost

Cause

これは、mTLSを有効にしたPowerPath for Windows 7.2.Xリモート管理で、PPMA以外のサーバーからのWinsock接続が正しく処理されない問題です。

Resolution

この修正はPowerPath for Windowsの今後のリリースに含まれる予定ですが、現時点ではETAはありません。

回避策は、Windowsサービスから「EMC PowerPathリモート管理コンポーネント」サービスを再起動することです。

PowerPath：Tenableの脆弱性がポート9083をスキャンすると、ピアによって接続がリセットされる

Summary: PowerPath for Windows 7.2.X Remote Management with Mutual Transport Layer Security (mTLS)は、Tenableの脆弱性がポート9083をスキャンすると、最大ソケット接続制限に達し、ピアによって接続がリセットされます。

Symptoms

Cause

Resolution

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services

Welcome

Welcome to Dell

PowerPath：Tenableの脆弱性がポート9083をスキャンすると、ピアによって接続がリセットされる

Summary: PowerPath for Windows 7.2.X Remote Management with Mutual Transport Layer Security (mTLS)は、Tenableの脆弱性がポート9083をスキャンすると、最大ソケット接続制限に達し、ピアによって接続がリセットされます。

Detailed Article

Symptoms

Cause

Resolution

Symptoms

Cause

Resolution

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services