IPMIv2.Weak.Authentication
Description
The indicates detection the enabled 'none' authentication type capability of Intelligent Platform Management Interface(IPMI).
IPMI is used to manage servers out of the band. Badly configured service can let remote attackers bypass the authentication step.
Affected Products
IPMI v2.0
Impact
Security Bypass: Remote attackers can bypass security authentication of the IPMI service.
Recommended Actions
Make sure to disable cipher suite 0 from your IPMI configuration.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |