About IPMI vulnerability
IPMI vulnerability
Vulnerable computer systems and applications:
Service stations with technologies such as HP Integrated Lights Out, Dell DRAC, IBM Remote Supervisor Adapter.
Description:
IPMI is an intelligent platform management interface. Devices that respond to an IPMI request can be fully overtaken with the Baseboard Management Controller control.
Recommendations:
- The IPMI data traffic (typically UDP port 623) should only be accessible to a restricted list of IP addresses;
- Change factory password to a complex one;
- Where possible, enable encryption in IPMI settings;
- Enable authentication.