IBM Baseboard Management Controller Default Credentials

Critical Nessus Plugin ID 39364


The remote management client is protected with a default password.


The remote host appears to be an IBM Baseboard Management Controller (BMC), which is used to provide out-of-band management.

The remote BMC is protected with the default password.


Replace the default password with a strong password.

Plugin Details

Severity: Critical

ID: 39364

File Name: ibm_bmc_default_login.nbin

Version: $Revision: 1.30 $

Type: remote

Family: Misc.

Published: 2009/06/11

Modified: 2018/01/29

Dependencies: 45555

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:ND/RC:ND

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required