[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-23168":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":54,"name":55,"published":56,"updated":34},23168,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":34,"risk_description":35,"public_description":36,"public_recommendation":37,"recommendation":34,"references":38,"cvssv3":34,"epss_score":45,"epss_percentile":46,"cve":47,"in_cisa_catalog":52,"date":53,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"The remote IPMI service accepted a session open request for cipher suite 0 (aka cipher zero). Attackers can exploit this issue to gain administrative access to the device and disclose sensitive information.","Intelligent Platform Management Interface (IPMI) services are prone to an authentication bypass vulnerability through the use of cipher suite 0 (aka cipher zero).","- Supermicro has released fixes for its BMC firmware, please see the references for more info - For other vendors: Ask the Vendor for an update / more information - Disable the usage of cipher suite 0 by following vendor instructions Please contact the vendor of the remote device for more information.",[39,40,41,42,43,44],"http://fish2.com/ipmi/cipherzero.html","https://www.cisa.gov/news-events/alerts/2013/07/26/risks-using-intelligent-platform-management-interface-ipmi","http://fish2.com/ipmi/","https://seclists.org/fulldisclosure/2014/Jul/14","https://www.dell.com/support/kbdoc/en-US/000135423/how-to-check-if-ipmi-cipher-0-is-off","https://www.supermicro.com/support/faqs/faq.cfm?faq=16536",0.64078,0.98426,[48,49,50,51],"CVE-2013-4782","CVE-2013-4783","CVE-2013-4784","CVE-2014-2955",false,"2013-07-08T00:00:00Z","NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.103840","IPMI Cipher Suite 0 (Cipher Zero) Authentication Bypass Vulnerability (IPMI Protocol)","2024-10-01T00:00:00Z"]