這個(gè)名為IPMI的密碼泄露漏洞是智能型平臺(tái)管理接口(Intelligent Platform Management Interface)的縮寫,是管理基于 Intel結(jié)構(gòu)的企業(yè)系統(tǒng)中所使用的外圍設(shè)備采用的一種工業(yè)標(biāo)準(zhǔn),該標(biāo)準(zhǔn)由英特爾、惠普、NEC、美國(guó)戴爾電腦和SuperMicro等公司制定。IPMI是一種開(kāi)放標(biāo)準(zhǔn)的硬件管理接口規(guī)格,定義了嵌入式管理子系統(tǒng)進(jìn)行通信的特定方法。IPMI 信息通過(guò)基板管理控制器 (BMC)(位于 IPMI 規(guī)格的硬件組件上)進(jìn)行交流。
簡(jiǎn)單來(lái)說(shuō),有了IPMI這個(gè)東西,用戶可以利用IPMI監(jiān)視服務(wù)器的物理健康特征,如溫度、電壓、風(fēng)扇工作狀態(tài)、電源狀態(tài)等,更重要的是可以裝系統(tǒng)、開(kāi)關(guān)機(jī)、查看操作服務(wù)器屏幕輸出,就好比站在服務(wù)器面前。
而IPMI是可以通過(guò)Web管理的,通過(guò)80端口進(jìn)入管理界面,這里需要賬戶密碼認(rèn)證,而本次漏洞正是泄漏了這個(gè)認(rèn)證的密碼信息。
山麗網(wǎng)安的專家提醒:這個(gè)密碼泄露漏洞可以讓攻擊者不通過(guò)認(rèn)證就可獲得管理密碼,一旦讓黑客獲取服務(wù)器的高權(quán)限,造成的嚴(yán)重后果可想而知。因此被該漏洞影響的所有服務(wù)器應(yīng)盡快的聯(lián)系廠家進(jìn)行升級(jí),為避免因漏洞帶來(lái)的信息泄露后果,利用靈活且有針對(duì)性的加密軟件將重要數(shù)據(jù)加密,有效阻止信息泄露。
This password leakage vulnerability called IPMI is the abbreviation for Intelligent Platform Management Interface, which is an industry standard used to manage peripheral devices used in Intel based enterprise systems. The standard was developed by companies such as Intel, HP, NEC, Dell computers, and SuperMicro in the United States. IPMI is an open standard hardware management interface specification that defines specific methods for communication between embedded management subsystems. IPMI information is communicated through the Baseboard Management Controller (BMC) (located on IPMI specification hardware components).
Simply put, with IPMI, users can use it to monitor the physical health characteristics of servers, such as temperature, voltage, fan operation status, power status, etc. More importantly, they can install the system, turn on/off, and view the output of the server screen, just like standing in front of the server.
And IPMI can be managed through the web, entering the management interface through port 80, where account password authentication is required, and this vulnerability precisely leaks the password information of this authentication.
Experts from Shanli Wangan remind that this password leakage vulnerability can allow attackers to obtain management passwords without authentication. Once hackers gain high privileges on the server, the serious consequences can be imagined. Therefore, all servers affected by this vulnerability should contact the manufacturer as soon as possible to upgrade. To avoid the consequences of information leakage caused by the vulnerability, flexible and targeted encryption software should be used to encrypt important data, effectively preventing information leakage.