About IPMI vulnerability


IPMI vulnerability

Vulnerable computer systems and applications:

Service stations with technologies such as HP Integrated Lights Out, Dell DRAC, IBM Remote Supervisor Adapter.

Description:

IPMI is an intelligent platform management interface. Devices that respond to an IPMI request can be fully overtaken with the Baseboard Management Controller control.

Recommendations:

  • The IPMI data traffic (typically UDP port 623) should only be accessible to a restricted list of IP addresses;
  • Change factory password to a complex one;
  • Where possible, enable encryption in IPMI settings;
  • Enable authentication.