pen test - java.exe has open ports with weak ciphers. why are ports 22, 23, 992, 20, 21, 989, 990, 25, 587, 69, 80, 110, 143, 389 listening?

pen test - java.exe has open ports with weak ciphers. why are ports 22, 23, 992, 20, 21, 989, 990, 25, 587, 69, 80, 110, 143, 389 listening?

Our Nessus scans of our ManageEngine Operations Manager server are showing several ports as listening. The process behind all but one of these is C:\Program Files\ManageEngine\OpManager\jre\bin\java.exe

what is this for and do we need it to be listening on these? at time of scan we have these open

Port 22: Process java, File Path: C:\Program Files\ManageEngine\OpManager\jre\bin\java.exe
Port 69: Process java, File Path: C:\Program Files\ManageEngine\OpManager\jre\bin\java.exe
Port 80: Process java, File Path: C:\Program Files\ManageEngine\OpManager\jre\bin\java.exe
Port 143: Process java, File Path: C:\Program Files\ManageEngine\OpManager\jre\bin\java.exe

Example Nessus detection:





      New to ADSelfService Plus?