Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

How to mitigate against CVE-2013-4786 and CVE-2013-4037





This article will cover how to mitigate CVEs CVE-2013-4786 and CVE-2013-4037


Product: LoadMaster

Version: Any

Platform: Hardware

Application: Any

Question/Problem Description:

IPMI 2.0 RAKP Authentication Remote Password Hash Retrieval Vulnerability
IPMI 2.0 Password Hash Retrieval Vulnerability Detected For USER: admin on port 623 over UDP.

Please show to address these vulnerabilities. If false positive please provide document/KB stating this.
How can we disable IPMI service?

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause: This is something that would affect any hardware with an AMI BIOS/BMC.
Resolution: N/A

To get around this, the BMC can be disabled within the BIOS. The below image shows what the BIOS should look like after the BMC has been disabled.

Alternatively, a dedicated management network to access the BMC, which only trusted users have access to.


Was this article helpful?
0 out of 0 found this helpful