Question We are using an X9DRW-IF with IPMI Version 2.59. We run a security scan software to check for possible vulnerabilities. We found: - (IPMI 2.0 Cipher Type Zero Authentication Bypass Vulnerability - IPMI 2.0 RAKP Authentication Remote Password Hash Retrieval Vulnerability) I was under the impression that firmware 2.59 had fixes for these vulnerabilities already built in. Can you confirm this is still a problem in this firmware version? Answer 2.64 will have fix for -C 0 vulnerability For RAKP, that is IPMI spec weakness, but we cannot do anything about that as it is IPMI spec. The workaround is enable SMC RAPK on web. But after that only web and our SMCIPMI tool can work as we didn’t follow the spec for this. Open source tool cannot work anymore. Was this FAQ helpful? YES      NO Enter Comments Below: Note: Your comments/feedback should be limited to this FAQ only. For technical support, please send an email to support@supermicro.com.  Enter your email address below if you'd like technical support staff to reply:  Please type the Captcha (no space) L Y L 4 FAQ Stats FAQ ID Related Category / Keyword Date Posted Code 20881 Hardware Monitoring: - IPMI 06/05/15     Print Answer