/tmp/kernel-certs-debug4917.log: Zip archive data, at least v2.0 to extract
Looking inside, it seems it’s really some .jar file, and it’s inside almost every machine where is amp installed, even the one which doesn’t have “outside” access.
Scanned it with virustotal:
If you want, I can upload it or send it through PM, please let me know.
The others here are correct. This is not a known vulnerability with AMP. You have most likely been compromised. You’ll likely want to restore from known-good backups or wipe the systems and rebuild. Also ensure your network is locked down well. There’s no telling with the amount of info you provided where this came from. But there’s nothing pointing to AMP at this point.
Also, might be an oversight from the OP but CentOS 8 is EOL over a year ago. So who knows what zero-days have been found if so. CentOS Stream 8 would be fine.