About IPMI vulnerability

IPMI vulnerability

Vulnerable computer systems and applications:

Service stations with technologies such as HP Integrated Lights Out, Dell DRAC, IBM Remote Supervisor Adapter.

Description:

IPMI is an intelligent platform management interface. Devices that respond to an IPMI request can be fully overtaken with the Baseboard Management Controller control.

Recommendations:

• The IPMI data traffic (typically UDP port 623) should only be accessible to a restricted list of IP addresses;
• Change factory password to a complex one;
• Where possible, enable encryption in IPMI settings;
• Enable authentication.