About IPMI vulnerability
Vulnerable computer systems and applications:
Service stations with technologies such as HP Integrated Lights Out, Dell DRAC, IBM Remote Supervisor Adapter.
IPMI is an intelligent platform management interface. Devices that respond to an IPMI request can be fully overtaken with the Baseboard Management Controller control.
- The IPMI data traffic (typically UDP port 623) should only be accessible to a restricted list of IP addresses;
- Change factory password to a complex one;
- Where possible, enable encryption in IPMI settings;
- Enable authentication.