This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The remote host supports IPMI version 2.0.
The remote host supports IPMI v2.0. The Intelligent Platform
Management Interface (IPMI) protocol is affected by an information
disclosure vulnerability due to the support of RMCP+ Authenticated
Key-Exchange Protocol (RAKP) authentication. A remote attacker can
obtain password hash information for valid user accounts via the HMAC
from a RAKP message 2 response from a BMC.
See also :
There is no patch for this vulnerability; it is an inherent problem
with the specification for IPMI v2.0. Suggested mitigations include :
- Disabling IPMI over LAN if it is not needed.
- Using strong passwords to limit the successfulness of
off-line dictionary attacks.
- Using Access Control Lists (ACLs) or isolated networks
to limit access to your IPMI management interfaces.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 7.8
Public Exploit Available : true