PT-2019-16946 · Ibm · Ibm Open Power Firmware
Published
2019-08-26
·
Updated
2022-12-09
·
CVE-2019-4169
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Open Power Firmware versions OP910 and OP920
Description
The issue allows access to the Baseboard Management Controller (BMC) via Intelligent Platform Management Interface (IPMI) using the default OpenBMC password, even after the BMC password has been changed from the default.
Recommendations
For IBM Open Power Firmware versions OP910 and OP920, change the default OpenBMC password to a unique and secure password to prevent unauthorized access to the BMC via IPMI.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Open Power Firmware