SuperMicro IPMI PSBlock File Plaintext Password Disclosure
Critical Nessus Plugin ID 76213
SynopsisThe remote device is affected by an information disclosure vulnerability.
DescriptionThe remote SuperMicro IPMI device is affected by an information disclosure vulnerability because it exposes all usernames and passwords in plaintext via the PSBlock file. A remote, unauthenticated attacker can exploit this vulnerability to download all usernames and passwords and gain a shell on the device.
SolutionUpgrade to the latest BIOS version.