PowerPath:Tenableの脆弱性がポート9083をスキャンすると、ピアによって接続がリセットされる

Summary: PowerPath for Windows 7.2.X Remote Management with Mutual Transport Layer Security (mTLS)は、Tenableの脆弱性がポート9083をスキャンすると、最大ソケット接続制限に達し、ピアによって接続がリセットされます。

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

Tenableスキャン ソフトウェアがポート9083をスキャンすると、mTLSが有効なPowerPathリモート管理プロセスが失敗し、最終的に最大ソケット接続数に達し、ピアによる接続リセットのメッセージがログに記録されます。

 

PPMA GUIでは、切断ステータスは次のポーリング サイクルまで表示されません。ポーリング サイクルが実行されると、サーバーは最終的に GUI に切断済みとして表示されます (赤)。

 

## Windows リモート管理アプリケーション イベント ログ

07/23/2023 07:05:23 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:23 PM  Information   HOSTNAME 2       EmcPowerPathManagementComponent  EMC PowerPath Information:  Management Component: Info: SSPI decryption failed. InitSSLServerSchannel(): Failed to query the client.
07/23/2023 07:05:19 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:19 PM  Error         HOSTNAME 4       EmcPowerPathManagementComponent  EMC PowerPath Error:  Management Component: Error: Socket library: send - Connection reset by peer. (err=10054).
07/23/2023 07:05:18 PM  Warning       HOSTNAME 3       EmcPowerPathManagementComponent  EMC PowerPath Warning:  Management Component: Warning: Max socket connection limit reached, incoming connection dropped. Remote host: ip=10.x.x.x, hostname=PPMAHOST.DOMAIN.COM.
07/23/2023 07:05:18 PM  Error         HOSTNAME 4       EmcPowerPathManagementComponent  EMC PowerPath Error:  Management Component: Error: Socket library: send - Connection reset by peer. (err=10054)

 

## PPMA DataCollectorログ

ERROR 19:16:08.320 [AnonymousIoService-6] c.e.p.d.hosts.impl.HostAgentListener - Internal error occurred in the connection to HOSTNAME.DOMAIN.COM:9083
WARN  19:16:08.321 [AnonymousIoService-6] c.e.p.d.h.impl.HostAgentConnector - java.lang.Exception: Invalid Header Tag       ??U? (Hexdump: 15 03 03 00 1A 00 00 00 00 00 00 00 01 99 FB 16 55 98 19 50 B2 E1 87 35 F2 0D 26 E6 F4 A1 6D)
org.apache.mina.filter.codec.ProtocolDecoderException: java.lang.Exception: Invalid Header Tag       ??U? (Hexdump: 15 03 03 00 1A 00 00 00 00 00 00 00 01 99 FB 16 55 98 19 50 B2 E1 87 35 F2 0D 26 E6 F4 A1 6D)
    at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:165)
    at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
    at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
    at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
    at org.apache.mina.filter.support.SSLHandler.flushScheduledEvents(SSLHandler.java:275)
    at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:427)
    at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
    at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
    at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
    at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:220)
    at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:264)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
Caused by: java.lang.Exception: Invalid Header Tag       ??U?
    at com.emc.powerpath.datacollector.remote.nio.mina.client.codec.AgentResponseDecoder.getExpectedBytes(AgentResponseDecoder.java:64)
    at com.emc.powerpath.datacollector.remote.nio.mina.client.codec.AgentResponseDecoder.doDecode(AgentResponseDecoder.java:117)
    at org.apache.mina.filter.codec.CumulativeProtocolDecoder.decode(CumulativeProtocolDecoder.java:133)
    at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:158)
    ... 14 common frames omitted
WARN  19:16:08.325 [AnonymousIoService-14] c.e.p.d.h.impl.HostAgentConnector - Connection reset by peer
java.io.IOException: Connection reset by peer
    at sun.nio.ch.FileDispatcherImpl.read0(Native Method)
    at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
    at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
    at sun.nio.ch.IOUtil.read(IOUtil.java:197)
    at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:378)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:218)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
WARN  19:16:08.325 [AnonymousIoService-14] c.e.p.d.h.impl.HostAgentConnector - Broken pipe
java.io.IOException: Broken pipe
    at sun.nio.ch.FileDispatcherImpl.write0(Native Method)
    at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:47)
    at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)
    at sun.nio.ch.IOUtil.write(IOUtil.java:65)
    at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:469)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.doFlush(SocketIoProcessor.java:414)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.doFlush(SocketIoProcessor.java:332)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$500(SocketIoProcessor.java:45)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:488)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.lang.Thread.run(Thread.java:750)
ERROR 19:16:08.325 [AnonymousIoService-14] c.e.p.d.hosts.impl.HostAgentListener - Connection to HOSTNAME.DOMAIN.COM:9083 has been lost

 

Cause

これは、mTLSを有効にしたPowerPath for Windows 7.2.Xリモート管理で、PPMA以外のサーバーからのWinsock接続が正しく処理されない問題です。

 

Resolution

この修正はPowerPath for Windowsの今後のリリースに含まれる予定ですが、現時点ではETAはありません。

 

回避策は、Windowsサービスから「EMC PowerPathリモート管理コンポーネント」サービスを再起動することです。

 

Article Properties
Article Number: 000216118
Article Type: Solution
Last Modified: 19 Jul 2024
Version:  3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.