IPMI 2.0 RAKP Authentication Remote Password Hash Retrieval Vulnerability is being returned by the scans of the Syslog-ng Storebox (SSB) Appliances. This has been flagged as a security vulnerability.
3rd party IPMI 2.0 chip vulnerability.
This is not tied to a specific SSB version, but to the hardware that is in use. There is no fix for the IPMI Remote Password Hash Vulnerability from Supermicro and the manufacturer of the IPMI chip. Please ensure the following best practices from the manufacturer of the motherboard are implemented:
Please also see the vendor's website for information about this: SuperMicro FAQs
For Latest IPMI firmware for Syslog-ng Store Box 3000/3500 see KB312276