IPMI Default Password Vulnerability Network Vulnerability

Summary

It was possible to find default password/username combinations for the IPMI protocoll.

Impact

An attacker can log into the IPMI enabled device often with privileged permissions and gain access to the host operating system. Impact Level: System

Solution

Change the default passwords or disable the default accounts if possible. Filter traffic to UDP port 623.

Insight

Many IPMI enabled devices have set default username/password combinations. If these are not changed or disabled if opens up an easy exploitable vulnerability.

Detection

Tries to get a RAKP Message 2 (IPMI v2.0) to check the password hash or activate a session (IPMI v1.5).

References

http://packetstormsecurity.com/files/105730/Supermicro-IPMI-Default-Accounts.html

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 8.5 AV:N/AC:L/Au:N/C:P/I:C/A:N

Related Vulnerabilities

Adobe AIR Security Bypass Vulnerability Jan14 (Mac OS X)
Adobe Air Multiple Vulnerabilities - December12 (Windows)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Mac OS X)
7T Interactive Graphical SCADA System Multiple Security Vulnerabilities
Adobe AIR Multiple Vulnerabilities-01 Sep13 (Mac OS X)

Take action and discover your vulnerabilities