[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Anyone using Supermicro motherboards?

Subject: [ale] Anyone using Supermicro motherboards?
From: cfowler at outpostsentinel.com (Chris Fowler)
Date: Thu, 26 Jun 2014 11:20:51 -0400
In-reply-to: <[email protected]>
References: <[email protected]>

On 06/26/2014 11:06 AM, James Taylor wrote:
> >From the latest SANS Bulletin...
> -jt
>
> ID:     N/A
> Title: 	Supermicro Server Motherboard Credential Disclosure Vulnerability
> Vendor: Supermicro
> Description: Supermicro motherboards store administrator passwords in
> plain text, which is available to any attacker who can connect to TCP
> port 49152.
> CVSS v2 Base Score: 10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
>
>

That must be for their IPMI interface.

Follow-Ups:
- [ale] Anyone using Supermicro motherboards?
  - From: James.Taylor at eastcobbgroup.com (James Taylor)
- [ale] Anyone using Supermicro motherboards?
  - From: jim.kinney at gmail.com (Jim Kinney)

References:
- [ale] Anyone using Supermicro motherboards?
  - From: James.Taylor at eastcobbgroup.com (James Taylor)

Prev by Date: [ale] Anyone using Supermicro motherboards?
Next by Date: [ale] Anyone using Supermicro motherboards?
Previous by thread: [ale] Anyone using Supermicro motherboards?
Next by thread: [ale] Anyone using Supermicro motherboards?
Index(es):
- Date
- Thread