DESCRIPTION LAST UPDATED: 2023-12-12
DEFAULT SEVERITY LEVEL: HIGH
This report identifies hosts that have the Intelligent Platform Management Interface (IPMI) service open (port 623/udp) and accessible from the Internet.
IPMI is the base of most of the Out Of Band / Lights Out management suites and is implemented by the server’s Baseboard Management Controller (BMC). The BMC has near complete access and control of the server’s resources, including, but not limited to, memory, power, and storage. Anyone that can control your BMC (via IPMI) can control your server.
IPMI instances in general are known to contain a variety of vulnerabilities, some more serious than others. In short, you really do not want to expose IPMI to the Internet.
If you’re not convinced yet, please take a look at the excellent work by Dan Farmer on IPMI security issues at http://fish2.com/ipmi/ and US-CERT alert TA13-207A at https://www.us-cert.gov/ncas/alerts/TA13-207A
Track exposed IPMI instances on our Dashboard.
Severity levels are described here.
For more information on our scanning efforts, check out our Internet scanning summary page..
Filename: scan_ipmi