|Check Point Reference:||CPAI-2013-2470|
|Date Published:||9 Jul 2013|
|Last Updated:||28 Jun 2017|
|Protection Provided by:||
|Who is Vulnerable?|
|Vulnerability Description||Authentication Bypass vulnerability have been reported in IPMI 2.0 Authentication. When using cipher type 0, it is an indicator that the client wants to use clear-text authentication,that allows access with any password.|
This protection will detect and block attempts to open sessions using cipher 0 option.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update.For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Application Servers Protection Violation.
Attack Information: Multiple Vendors IPMI 2.0 Authentication Bypass via Cipher 0