Risks of Exposing the Intelligent Platform Management Interface (IPMI)

["US-CERT" <US-CERT () ncas us-cert gov>]

NCCIC / US-CERT

National Cyber Awareness System:

Risks of Exposing the Intelligent Platform Management Interface (IPMI) [ 
https://www.us-cert.gov/ncas/current-activity/2014/06/23/Risks-Exposing-Intelligent-Platform-Management-Interface-IPMI 
] 06/23/2014 06:33 AM EDT 
Original release date: June 23, 2014

Multiple weaknesses exist in several server platforms employing IPMI. Exploitation of these vulnerabilities could allow 
an attacker to take control of the affected system or expose sensitive server information. 

Server administrators are encouraged to review US-CERT Alert TA13-207A [ http://www.us-cert.gov/ncas/alerts/TA13-207A ] 
and restrict IPMI access so that the interface cannot be reached from the Internet.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]