ID de Prueba:	1.3.6.1.4.1.25623.1.0.105923
Categoría:	Default Accounts
Título:	IPMI Default Credentials (IPMI Protocol) - Active Check
Resumen:	It was possible to find default password/username combinations; for the Intelligent Platform Management Interface (IPMI) protocol.
Descripción:	Summary: It was possible to find default password/username combinations for the Intelligent Platform Management Interface (IPMI) protocol. Vulnerability Insight: Many IPMI enabled devices have set default username/password combinations. If these are not changed or disabled if opens up an easy exploitable vulnerability. Vulnerability Impact: An attacker can log into the IPMI enabled device often with privileged permissions and gain access to the host operating system. Affected Software/OS: All IPMI devices providing/using default credentials. The following is an excerpt of known tested credentials: - No CVEs: Dell iDRAC, SuperMicro BMC, IBM IMM, Fujitsu IRMC, Oracle/Sun ILOM, Asus IKVM BMC - CVE-2019-4169: IBM Open Power Firmware / OpenBMC Other devices / vendors might be affected as well. Solution: - Change the default passwords or disable the default accounts if possible - Filter traffic to UDP port 623 Please contact the vendor / consult the device manual for more information. CVSS Score: 8.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:C/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-4169 XForce ISS Database: ibm-bmc-cve20194169-info-disc (158702) https://exchange.xforce.ibmcloud.com/vulnerabilities/158702
Copyright	Copyright (C) 2014 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.