Summary
Intelligent Platform Management Interface is prone to an authentication- bypass vulnerability.
Impact
Attackers can exploit this issue to gain administrative access to the device and disclose sensitive information.
Solution
Ask the Vendor for an update.
Insight
The remote IPMI service accepted a session open request for cipher zero.
Detection
Send a request with a zero cipher and check if this request was accepted.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Linux)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
- Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)