[ale] Anyone using Supermicro motherboards?
Chris Fowler
cfowler at outpostsentinel.com
Thu Jun 26 11:20:51 EDT 2014
On 06/26/2014 11:06 AM, James Taylor wrote:
> >From the latest SANS Bulletin...
> -jt
>
> ID: N/A
> Title: Supermicro Server Motherboard Credential Disclosure Vulnerability
> Vendor: Supermicro
> Description: Supermicro motherboards store administrator passwords in
> plain text, which is available to any attacker who can connect to TCP
> port 49152.
> CVSS v2 Base Score: 10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
>
>
That must be for their IPMI interface.
More information about the Ale
mailing list