Unitrends Security: IPMI Port Vulnerabilities

SUMMARY

Unitrends Security: IPMI Port Vulnerabilities

ISSUE

This article is a response to potential IPMI port vulnerabilities.
 
Unitrends Appliances that include IPMI capabilities are not vulnerable to any of the specified threats because the IPMI solution is disabled by default. If you choose to use the IPMI solution, review the following information to harden it to the security needs of your environment.

Below are the Common Vulnerabilities and Exposures (CVE) numbers that relate to IPMI and how to address them. Any commands that need to be submitted to the BIOS or IPMI can be entered by connecting a keyboard and monitor console to the Unitrends Appliance or via an SSH terminal console, using ipmiutil.

The ipmiutil package is pre-installed on systems after Unitrends release 7.2.0, but some systems may have versions prior to ipmiutil-2.9.4. It can be updated using this command:
     yum update ipmiutil

IPMI Cipher Suite Zero Authentication Bypass

Addressed in this SUPERMICRO FAQ: http://www.supermicro.com/support/faqs/faq.cfm?faq=16536
If using IPMI LAN, you can disable Cipher 0 by issuing this command:
     ipmiutil lan -e -O
If not using IPMI LAN, disable IPMI LAN by using this command:
     ipmiutil lan -d

Resolves the following CVEs:
CVE-2014-2955 (Last revised: 07/15/2014)
CVE-2013-4782 (Last revised: 10/16/2013)
CVE-2013-4783 (Last revised: 09/26/2013)
CVE-2013-4784 (Last revised: 08/13/2013)
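
The version check and the two lan commands above, combined into one script. This is an added example, not Unitrends code: it compares the installed ipmiutil version against 2.9.4 and prints the commands that apply, running them only when --apply is given. The function names, the rpm query and the yes/no argument are assumptions of this example.

```shell
#!/bin/sh
# Added example, not Unitrends code: plan the article's hardening commands.
# Assumptions: RPM-based appliance, run as root; function names are hypothetical.

MIN_IPMIUTIL="2.9.4"   # minimum ipmiutil version named in the article

# version_ge A B: true when dotted version A >= B. sort -V compares each
# field numerically, so 2.9.10 is correctly treated as newer than 2.9.4.
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# plan_hardening INSTALLED_VERSION USE_LAN(yes|no)
# Prints, one per line, the commands from the article that apply.
plan_hardening() {
    case "$2" in
        yes|no) ;;
        *) echo "USE_LAN must be yes or no" >&2; return 2 ;;
    esac
    [ -n "$1" ] || { echo "ipmiutil is not installed" >&2; return 1; }
    version_ge "$1" "$MIN_IPMIUTIL" || echo "yum update ipmiutil"
    if [ "$2" = "yes" ]; then
        echo "ipmiutil lan -e -O"   # IPMI LAN stays on, Cipher 0 is disabled
    else
        echo "ipmiutil lan -d"      # IPMI LAN is not needed: disable it
    fi
}

# main USE_LAN [--apply]: print the plan; run it only when --apply is given.
main() {
    ver=$(rpm -q --qf '%{VERSION}' ipmiutil 2>/dev/null) || ver=""
    plan=$(plan_hardening "$ver" "$1") || return
    # Read the plan on fd 3 so the commands keep the terminal as stdin.
    while IFS= read -r cmd <&3; do
        echo "+ $cmd"
        if [ "${2:-}" = "--apply" ]; then $cmd || return 1; fi
    done 3<<EOF
$plan
EOF
}

if [ "$#" -ge 1 ]; then main "$@"; fi
```

Run it with yes or no as the first argument to say whether IPMI LAN is in use; without --apply it only lists the commands.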


RAKP Password Hash Disclosure

The default administrative user is ADMIN with the default password of ADMIN. You can change the password for the user ADMIN using either of these methods:

a) Rebooting to the BIOS IPMI Main Menu and navigating to Configuration > Users. See "IPMI-LAN Configuration from BIOS for Remote Management".

b) Using ipmiutil commands. See "Using IPMI LAN for remote access".

The following are addressed in this SUPERMICRO document: http://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf

Resolves the following CVEs:
CVE-2013-4037 (Last revised: 08/12/2013)
CVE-2013-4786 (Last revised: 10/16/2013)
