The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote malicious users to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle fujitsu m10 firmware |
||
intel intelligent platform management interface 2.0 |