A Nessus scan of the Thycotic PAM RabbitMQ server reported the following vulnerability. SSL connections and settings are normally configured on this server. Despite this, the finding still appeared.
The remote host is running a service that allows cleartext authentication.
The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear.
Disable cleartext authentication mechanisms in the AMQP configuration.
Solution to Vulnerability
When I researched this vulnerability, I found that it originates on the RabbitMQ server. On the RabbitMQ server, add the line “listeners.tcp = none” to the “C:\RabbitMQ\rabbitmq.conf” file and restart the RabbitMQ service. This setting disables the non-TLS AMQP listener, so clients can reach the broker only through the TLS listener. When the Nessus scan is run again, the vulnerability will be resolved.
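To confirm the fix without waiting for the next scan, the following Python check (an added example, not part of the original post) reads the AMQP 0-9-1 Connection.Start frame that a broker sends on its non-TLS listener and lists the cleartext mechanisms it advertises. The default port 5672, the function names and the sample frame are assumptions constructed for illustration; once “listeners.tcp = none” is in effect the connection should be refused and the result empty.

```python
import socket
import struct

AMQP_HEADER = b"AMQP\x00\x00\x09\x01"   # AMQP 0-9-1 protocol header sent by the client
CLEARTEXT = {"PLAIN", "AMQPLAIN"}        # mechanisms that carry the password unencrypted

def parse_mechanisms(frame: bytes) -> list[str]:
    """Extract the SASL mechanism list from a Connection.Start method frame."""
    if len(frame) < 7:
        raise ValueError("truncated frame")
    ftype, _channel, size = struct.unpack(">BHI", frame[:7])
    payload = frame[7:7 + size]
    if ftype != 1 or len(payload) != size or frame[7 + size:8 + size] != b"\xce":
        raise ValueError("not a complete AMQP method frame")
    if payload[:4] != struct.pack(">HH", 10, 10):   # class 10, method 10
        raise ValueError("not Connection.Start")
    pos = 6                                          # skip class, method, version bytes
    (table_len,) = struct.unpack(">I", payload[pos:pos + 4])
    pos += 4 + table_len                             # skip the server-properties table
    (mech_len,) = struct.unpack(">I", payload[pos:pos + 4])
    return payload[pos + 4:pos + 4 + mech_len].decode("ascii").split()

def cleartext_mechanisms(frame: bytes) -> list[str]:
    """Return the advertised mechanisms that send credentials in the clear."""
    return sorted(CLEARTEXT.intersection(parse_mechanisms(frame)))

def check_plain_listener(host: str, port: int = 5672, timeout: float = 5.0) -> list[str]:
    """Cleartext mechanisms offered on the non-TLS listener; [] if it is unreachable."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(AMQP_HEADER)
            buf = b""
            while len(buf) < 7 or len(buf) < 8 + struct.unpack(">I", buf[3:7])[0]:
                chunk = s.recv(4096)
                if not chunk:
                    break
                buf += chunk
    except OSError:
        return []   # refused or timed out: the plain listener is not answering
    return cleartext_mechanisms(buf)

def sample_frame(mechs: bytes = b"PLAIN AMQPLAIN") -> bytes:
    """Constructed sample: Connection.Start with an empty server-properties table."""
    payload = (struct.pack(">HHBBI", 10, 10, 0, 9, 0)
               + struct.pack(">I", len(mechs)) + mechs + struct.pack(">I", 5) + b"en_US")
    return struct.pack(">BHI", 1, 0, len(payload)) + payload + b"\xce"

if __name__ == "__main__":
    print(cleartext_mechanisms(sample_frame()))
```

Run `check_plain_listener("<broker-host>")` before and after the configuration change; a non-empty list before and an empty list after matches the Nessus result described above.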