logo

Port 9443 – HTTPS Alt (Alternative Hypertext Transfer Protocol Secure)

Service:

https

Protocol:

TCP

Port:

9443

Used for:

Alternative HTTPS port for secure services

Why It’s Open

Port 9443 is commonly used as an alternate HTTPS port for secure web services. It often hosts administrative interfaces, management consoles, and secure application endpoints that require encrypted communications but need to be separated from the standard HTTPS port 443. This separation is useful in enterprise environments and development settings where multiple secure services run simultaneously. Organizations use port 9443 to isolate management or development access from public web traffic, enabling secure administration without interfering with primary web servers.

Common Risks

  • SSL/TLS Vulnerabilities
    Weak cipher configurations can expose services to interception or downgrade attacks.
  • Administrative Access
    Exposed management interfaces can be entry points for attackers.
  • Credential Theft
    Man-in-the-middle attacks on login pages due to poor encryption.
  • Information Disclosure
    Misconfigured SSL/TLS can reveal sensitive information.
  • **Certificate Issues **
    Invalid or expired certificates reduce trust and allow MITM.

Want to save time on reporting?

Let PentestPad generate, track, and export your reports - automatically.

logo-cta

Enumeration & Testing

Basic port scan:

Terminal window
nmap -sV --script ssl-enum-ciphers -p 9443

SSL/TLS check:

Terminal window
sslscan :9443

Certificate validation:

Terminal window
openssl s_client -connect :9443

Web vulnerability scan:

Terminal window
nikto -h https://:9443/

What to Look For

CheckpointWhat it means
Weak SSL/TLS versionsVulnerable to known SSL/TLS attacks
Self-signed certificatesPossible man-in-the-middle attacks
Default credentialsEasy unauthorized access
Admin interfacesExposed management portals
Version informationKnown vulnerabilities may be present

Mitigation

  • Strong Encryption
    Use modern TLS versions (TLS 1.2 or 1.3) and strong cipher suites.
  • Certificate Management
    Ensure certificates are valid, trusted, and regularly renewed.
  • Access Control
    Require strong authentication and authorization for admin interfaces.
  • Network Restriction
    Limit access to port 9443 to trusted IPs or VPNs.
  • Security Headers
    Enable HTTP Strict Transport Security (HSTS) and related headers.
  • Regular Updates
    Patch web services and SSL/TLS libraries promptly.
  • Monitoring
    Log and alert on suspicious connection attempts or errors.

TL;DR

  • Port 9443 is commonly used as an alternate HTTPS port for admin interfaces.
  • SSL/TLS security is critical to prevent credential theft.
  • Use strong encryption and valid certificates.
  • Restrict access to trusted networks only.

Known CVEs and Exploits

  • CVE-2020-14882 – Oracle WebLogic Server Remote Code Execution via admin console (often on 9443 for HTTPS)
  • CVE-2019-2725 – Oracle WebLogic Server Deserialization vulnerability
  • CVE-2021-3449 – OpenSSL TLS certificate verification flaw
  • CVE-2023-3118 – Apache Tomcat authentication bypass in HTTPS admin apps
  • CVE-2022-22963 – Spring Cloud Gateway Remote Code Execution