Zurück
-
Titel
CVE-2013-4768 (MITRE) - Is Safeguard susceptible to remote attackers obtaining the HMAC from a RAKP message from the BMC. -
Beschreibung
Safeguard's baseboard management controller (BMC) utilizes the IPMI 2.0 specification which supports RMCP + Autenticated Key-Exchanged Protocol (RAKP) authentication. Is Safeguard susceptible to remote attackers obtaining the HMAC authentication from a RAKP message? -
Lösung
Safeguard appliances are affected by CVE-2013-4768 (MITRE). To help remedy the vulnerability, we recommend using a long password and enabling the SMC RAKP feature. Since our BMC implementation has its own RAKP implementation, the configuration must be enabled via the web interface.
Steps:- Gather the Lights Out Management (BMC) configuration details from the Safeguard Windows desktop client (Settings | Lights Out Management (BMC)).
- Once completed, access the BMC Web Interface using the credentials specified from step 1.
- Click on the Miscellaneous Menu (Second from the right) | Click on the SMC RAKP tab.
- Click Enable. By default this setting is OFF.