Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

How to mitigate against CVE-2013-4786 and CVE-2013-4037

 

Information

 

Summary:

This article will cover how to mitigate CVEs CVE-2013-4786 and CVE-2013-4037

Environment:

Product: LoadMaster

Version: Any

Platform: Hardware

Application: Any

Question/Problem Description:

IPMI 2.0 RAKP Authentication Remote Password Hash Retrieval Vulnerability
IPMI 2.0 Password Hash Retrieval Vulnerability Detected For USER: admin on port 623 over UDP.

How to address these vulnerabilities. 

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause: This is something that would affect any hardware with an AMI BIOS/BMC.
Resolution:

It is highly recommended to block port 623/UDP on the firewall, the default port for IPMI access.

The BMC user can be also disabled within the BIOS.  Depending on the model of the LoadMaster/ECM device, the BIOS screen may appear differently.  For further assistance please contact LoadMaster Support.

  • Within the BIOS navigate to Server Mgmt tab.
  • Go to BMC User Settings.

netwrk2.png

  • Select Change User Settings.
  • Type in the BMC user, by default the only username is admin;
    • If on LoadMaster/ECM models that are in the "NG" branding the username/password will be admin/serial number of the hardware unit.  If on non-NG models, it will be admin/admin.

user.png

  • First go to User and enable it(even if it is already enabled).  You may get a pop-up saying successful.  This is to get the [Enable] text to show.
  • Second go to User again and this time Select [Disable].  A pop-up box will appear saying Operation Passed.

disable.png

  • Save and exit, the device will reboot.

 

Workaround:

You can also ensure no IP is set on the BMC Network Configuration. 

In the Configuration Address section, make sure this is set to something other than a DHCP setting.  We recommend doing the following:

  • If leaving it on DHCP, ensure a DHCP server will not return an IP.

However, if the above is not done, and if this BMC network is set to use DHCP and gets an IP assigned, the device would become vulnerable.

netwrk.png

Notes:  

Was this article helpful?
0 out of 0 found this helpful

Comments