Check Point Reference: | CPAI-2013-2470 |
Date Published: | 9 Jul 2013 |
Severity: | Critical |
Last Updated: | Wednesday 28 June, 2017 |
Source: | |
Protection Provided by: |
Security Gateway |
Who is Vulnerable? | |
Vulnerability Description | Authentication Bypass vulnerability have been reported in IPMI 2.0 Authentication. When using cipher type 0, it is an indicator that the client wants to use clear-text authentication,that allows access with any password. |
This protection will detect and block attempts to open sessions using cipher 0 option.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Application Servers Protection Violation.
Attack Information: Multiple Vendors IPMI 2.0 Authentication Bypass via Cipher 0