CERT mailing list archives
Risks of Exposing the Intelligent Platform Management Interface (IPMI)
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Mon, 23 Jun 2014 06:20:20 -0500
NCCIC / US-CERT National Cyber Awareness System: Risks of Exposing the Intelligent Platform Management Interface (IPMI) [ https://www.us-cert.gov/ncas/current-activity/2014/06/23/Risks-Exposing-Intelligent-Platform-Management-Interface-IPMI ] 06/23/2014 06:33 AM EDT Original release date: June 23, 2014 Multiple weaknesses exist in several server platforms employing IPMI. Exploitation of these vulnerabilities could allow an attacker to take control of the affected system or expose sensitive server information. Server administrators are encouraged to review US-CERT Alert TA13-207A [ http://www.us-cert.gov/ncas/alerts/TA13-207A ] and restrict IPMI access so that the interface cannot be reached from the Internet. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- Risks of Exposing the Intelligent Platform Management Interface (IPMI) US-CERT (Jun 23)