IPMI 2.0 Vulnerability: Remote Password Hash Retrieval and Offline Guessing

IPMI 2.0 Vulnerability: Remote Password Hash Retrieval and Offline Guessing

CVE-2013-4786 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.

Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.