AMI BMC Vuln - Score = 10

Maybe quite OT, but I suppose lots of people use servers w. AMI BMC.
Mods: Please delete/move if not appropriate.

My MJ11 board has one (I suppose …) - I’m running BMC FW: 12.61.21

https://nvd.nist.gov/vuln/detail/CVE-2024-54085

This is why it is recommended for Enterprise customers to use an isolated sub-net for all SP/BMC/IPMI/etc… devices. Then have that isolated sub-net accessible from limited places, like management servers.

Back in 2003 when I worked at Sun Microsystems, they found a flaw in the SP software for their new SunFire 3800-6900 servers. It was not something expected, but a buffer overflow from MS-Windows broadcast protocol. It would crash the SP.

Naturally that flaw was fixed, but the new recommendation was to use an isolated sub-net for all SPs.

3 Likes
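
The isolated-subnet recommendation in the reply above can be checked against a firewall rule export. This is an added example, not code from either poster; the subnet, management-server addresses and the simplified (source, destination) rule format are constructed assumptions.

```python
import ipaddress

# Constructed sample values (assumptions, not from the thread).
BMC_NET = ipaddress.ip_network("10.20.30.0/24")        # isolated BMC/SP/IPMI subnet
MGMT_HOSTS = [ipaddress.ip_network("10.20.1.10/32"),   # allowed management servers
              ipaddress.ip_network("10.20.1.11/32")]

# Constructed allow rules in a simplified (source, destination) form.
RULES = [
    ("10.20.1.10/32", "10.20.30.0/24"),   # management server -> BMC subnet
    ("10.20.1.0/24",  "10.20.30.0/24"),   # whole server VLAN -> BMC subnet
    ("0.0.0.0/0",     "10.20.0.0/16"),    # any -> supernet containing the BMC subnet
    ("10.50.0.0/16",  "10.60.0.0/16"),    # unrelated traffic
    ("10.20.1.11/32", "10.20.30.17/32"),  # management server -> a single BMC
]

def audit(rules, bmc_net=BMC_NET, mgmt=MGMT_HOSTS):
    """Return allow rules that let a non-management source reach the BMC subnet."""
    findings = []
    for src_s, dst_s in rules:
        src = ipaddress.ip_network(src_s)
        dst = ipaddress.ip_network(dst_s)
        # A rule touches the BMC subnet if its destination overlaps it at all,
        # including wider supernets that merely contain it.
        if not dst.overlaps(bmc_net):
            continue
        # The source is acceptable only if it lies entirely inside an allowed
        # management entry; a wider source also admits other hosts.
        if not any(src.subnet_of(m) for m in mgmt):
            findings.append((src_s, dst_s))
    return findings

def misplaced_bmcs(addresses, bmc_net=BMC_NET):
    """Return BMC addresses from an inventory that sit outside the isolated subnet."""
    return [a for a in addresses if ipaddress.ip_address(a) not in bmc_net]

if __name__ == "__main__":
    for src, dst in audit(RULES):
        print(f"too broad: {src} -> {dst}")
    print("outside BMC subnet:", misplaced_bmcs(["10.20.30.17", "192.168.1.50"]))
```

Rules whose destination is a supernet of the BMC range are flagged as well, since they expose the BMCs without naming their subnet.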