Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Risks of Using the Intelligent Platform Management Interface (IPMI)

 

Systems Affected


  • HP Integrated Lights Out
  • Dell DRAC
  • IBM Remote Supervisor Adapter

Threat Level

Overview


Attackers can easily identify and access systems that run IPMI and are connected to the Internet. It is important to restrict IPMI access to specific management IP addresses within an organization and preferably separated into a separate LAN segment.


Description


IPMI is a low level interface specification that has been adopted by many hardware vendors. It allows a system administrator to remotely manage servers at the hardware level. IPMI runs on the Baseboard Management Controller (BMC) and provides access to the BIOS, disks, and other hardware. It also supports remote booting from a CD or through the network, and monitoring of the server environment. The BMC itself also runs a limited set of network services to facilitate management and communications amongst systems.


Impact


An attacker with knowledge of IPMI can search for, and find, open management interfaces. Many of these interfaces utilize default or no passwords, or weak encryption. Further consequences depend on the type and use of the compromised system. At the very least, an attacker can compromise confidentiality, integrity, and availability of the server once gaining access to the BMC.


Solution/ Workarounds


  ✻  Update the latest version of the Mozilla's Firefox on Windows, Linux and Mac.


References


https://www.us-cert.gov/ncas/alerts/TA13-207A


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.