Lucene search
PRIOn knowledge basePRION:CVE-2013-4786HistoryJul 08, 2013 - 10:55 p.m.
Authentication flaw
2013-07-0822:55:00
PRIOn knowledge base
www.prio-n.com
19
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
| CPE | Name | Operator | Version |
|---|---|---|---|
| intelligent_platform_management_interface | eq | 2.0 | |
| fujitsu_m10_firmware | le | 2290 |
References
fish2.com/ipmi/remote-pw-cracking.html
www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
community.rapid7.com/community/metasploit/blog/2013/07/02/a-penetration-testers-guide-to-ipmi
marc.info/?l=bugtraq&m=139653661621384&w=2
nvidia.custhelp.com/app/answers/detail/a_id/5010
security.netapp.com/advisory/ntap-20190919-0005/
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04197764
Related
ubuntucve
ubuntucve
CVE-2013-4786
2013-07-08 00:00:00
f5
f5
K16846 : IPMI vulnerability CVE-2013-4786
2015-07-02 00:00:00
SOL16846 - IPMI vulnerability CVE-2013-4786
2015-07-02 00:00:00
cve
cve
CVE-2013-4786
2013-07-08 22:55:01
cvelist
cvelist
CVE-2013-4786
2013-07-08 22:00:00
nvd
nvd
CVE-2013-4786
2013-07-08 22:55:01
nessus
nessus
IPMI v2.0 Password Hash Disclosure
2014-12-18 00:00:00
securityvulns
securityvulns
attackerkb
attackerkb
CVE-2013-4786
2013-07-08 00:00:00
jvn
jvn
JVN#38752718: Multiple NEC Products vulnerable to authentication bypass
2021-01-04 00:00:00
avleonov
avleonov
Is Vulnerability Management more about Vulnerabilities or Management?
2020-02-11 13:46:54
cert
cert
BMC software fails to validate IPMI session.
2024-04-30 00:00:00
nvidia
nvidia
oracle
oracle
Oracle Critical Patch Update Advisory - April 2016
2016-04-19 00:00:00