PC World

Despite patches, Supermicro’s IPMI firmware is far from secure, researchers say

The Intelligent Platform Management Interface (IPMI) implementation found in motherboards from server manufacturer Supermicro suffers from serious vulnerabilities that could allow attackers to ...
Ars Technica

SuperMicro, IPMI, and Java

Paladin, I think you nailed it. A BMC can use a web interface for resets, BIOS uploads, virtual media config, etc, but remote console access should be an authenticated VNC server to which you can ...
Ars Technica

Accessing Supermicro server via IPMI

I've been working with a Supermicro server of some sort. It has an IPMI board for remote console, media and monitoring. My past experience is with Proliant and IBM chassis. The Supermicro seems a bit ...
ZDNet

Vulnerabilities found in the remote management interface of Supermicro servers

The firmware responsible for the remote management features of Supermicro servers contains vulnerabilities that allow attackers to gain a permanent foothold on servers even after OS reinstalls, and ...
Threat Post

Seven IPMI Firmware Zero Days Disclosed

A number of previously unreported vulnerabilities in Super Micro IPMI firmware were disclosed today that could put servers at hosting providers at risk. Metasploit creator and Rapid7 CSO HD Moore ...
Threat Post

Plaintext Supermicro IPMI Credentials Exposed

Weaknesses in Supermicro IPMI-based baseboard management controllers expose remote passwords in plaintext. Much has been written about the insecurity of the IPMI protocol present inside embedded ...