CVE-2013-4782

Supermicro BMC - Auth Bypass

Title source: llm

Description

The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

Exploits (1)

metasploit SCANNER

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero.rb

View Code ZIP pw:eip

References (5)

[Various Sources] http://fish2.com/ipmi/cipherzero.html

[Various Sources] http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero

[Various Sources] http://www.wired.com/threatlevel/2013/07/ipmi/

[Various Sources] https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html

[Third Party Advisory, VDB Entry] http://osvdb.org/show/osvdb/93038

Scores

EPSS 0.6408

EPSS Percentile 98.4%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

supermicro/bmc

Timeline

Published Jul 08, 2013

Tracked Since Feb 18, 2026