IPMI v2.0 password hash disclosure Vulnerability

mkhriesa · ‎05-10-2018

we have IPMI v2.0 password hash disclosure Vulnerability on the UCS where we installed the cucm 10.5

I see from the solution is to disable the IPMI , could you please advise how and provide more details for the solution of this bug

Gregory Brunn · ‎05-11-2018

Is this being shown as the result of a security scan, can you shut down your cimc management interface run the scan again? This is of course your cimc is utilizing the dedicated m port and not shared LoM port.

Gregory Brunn · ‎05-11-2018

Is this being shown as the result of a security scan, can you shut down your cimc management interface run the scan again? This is of course your cimc is utilizing the dedicated m port and not shared LoM port

mkhriesa · ‎05-11-2018

Yes its a security scan, if its from cimc how we can solve it?

Gregory Brunn · ‎05-12-2018

You can disable the Cimc.

Also you can update bios and cimc to see if that solves it would need to do more research on if the update would fix it.

Gregory Brunn · ‎05-12-2018

https://www.cisco.com/c/en/us/about/security-center/ipmi-vulnerabilities.html

I would read this and disable tech support and ensure IPMI over lan is disabled.

mkhriesa · ‎05-15-2018

Is there any affect if we disable it?