K16846 : IPMI vulnerability CVE-2013-4786

2015-07-0200:00:00

my.f5.com

235

7.5 High

AI Score

Confidence

High

0.24 Low

EPSS

Percentile

96.6%

JSON

Security Advisory Description

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. (CVE-2013-4786)
Impact
This vulnerability may allow remote attackers to obtain password hashes and conduct offline password guessing attacks.
In the default configuration, Intelligent Platform Management Interface (IPMI) protocol is disabled for external hosts on BIG-IP platforms. The following iSeries platforms are vulnerable when you configure the Always-On Management (AOM) network and enable IPMI access and configure a user. F5 recommends that you do not enable IPMI protocol on the following BIG-IP iSeries platforms:

i5000 (C119)
i7000 (C118)
i10000 (C116)

CPENameOperatorVersion
big-ip afmeq11.3.0
big-ip afmeq11.4.0
big-ip afmeq11.4.1
big-ip afmeq11.5.0
big-ip afmeq11.5.1
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4
big-ip afmeq11.6.0
big-ip afmeq11.6.1

Name	Operator	Version
big-ip afm	eq	11.3.0
big-ip afm	eq	11.4.0
big-ip afm	eq	11.4.1
big-ip afm	eq	11.5.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4
big-ip afm	eq	11.6.0
big-ip afm	eq	11.6.1