Lucene search
K

6 matches found

VulnCheck KEV
VulnCheck KEV
added 2023/02/14 12:0 a.m.4 views

VulnCheck KEV: CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

7.8CVSS7.2AI score0.81802EPSS
Exploits2References1
Citrix
Citrix
added 2018/04/16 12:0 a.m.22 views

CVE-2013-4786 for LOM vulnerability

Mitigation recommendations for vulnerability CVE-2013-4786: 1. Setup SSL on the LOM port to encrypt credentials during login. 2. Follow the Secure Deployment Guide for Citrix ADC to isolate all management ports including the BMC management port on a management VLAN as is industry best practice...

7.5CVSS7AI score0.81802EPSS
Exploits2
securityvulns
securityvulns
added 2014/04/07 12:0 a.m.223 views

[security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04197764 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04197764 Version: 1 HPSBHF02981 rev....

7.8CVSS0.7AI score0.81802EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2013/07/08 12:0 a.m.247 views

CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. Recent assessments: Assessed...

7.8CVSS4.3AI score0.81802EPSS
In wildExploits2References11
Circl
Circl
added 2013/07/02 12:0 a.m.20 views

CVE-2013-4786

creationtimestamp| type| source ---|---|--- 2013-07-02 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38633 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ipmi/ipmidumphashes.rb 2023-10-24 15:02:57+00:00|...

7.8CVSS7.7AI score0.81802EPSS
Exploits2References5
Metasploit
Metasploit
added 2013/06/24 7:23 p.m.257 views

IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval

This module identifies IPMI 2.0-compatible systems and attempts to retrieve the HMAC-SHA1 password hashes of default usernames. The hashes can be stored in a file using the OUTPUTFILE option and then cracked using hmacsha1crack.rb in the tools subdirectory as well hashcat cpu 0.46 or newer using...

7.5CVSS7AI score0.81802EPSS
Exploits2
Rows per page
Query Builder