we used nessus scanner and it identified AMQP clear text authentication as a Medium vulnerability, therefore we must fix the issue to be pci-dss compliant.
The service is rabbit mq and from i have found in other questions, it is critical service for the ossim server.
It is possible to use TLS  and disable unencrypted access in the configuration file but i would like to know if this will prevent ossim from working. I found this "ENG-104898, Vulnerable Debian Package - rabbitmq-server (CVE-2016-9877) - AlienVault 5.3.5 is not vulnerable."
So what should i do?? disable unencrypted access or use this security advisory?