IPMI version 2.0 is susceptible to exploitation that allows an attacker to obtain password hash information.
The vulnerability scan on the environment can give the below sample output:-
The remote host supports IPMI version 2.0.
The remote host supports IPMI v2.0. The Intelligent Platform Management Interface (IPMI) protocol is affected by an information disclosure vulnerability due to the support of RMCP+ Authenticated Key Exchange Protocol (RAKP) authentication. A remote attacker can obtain password hash information for valid user accounts via the HMAC from a RAKP message 2 response from a BMC.
To know the IPMI version on the host, login into the host, run the command for checking BMC version and you’ll get an output similar to:-
Device ID : 32
Device Revision : 1
Firmware Revision : 3.63
IPMI Version : 2.0 <<== IPMI version
Manufacturer ID : xxxxx
Manufacturer Name : Supermicro
To know how to retrieve the BMC version, check out the post:- https://next.nutanix.com/discussion-forum-14/down-to-the-details-bmc-and-bios-version-of-nutanix-node-37157
To know more about how to mitigate/apply solutions to pass the vulnerability scan, take a look at https://portal.nutanix.com/#/page/kbs/details?targetId=kA032000000988iCAA