Solved

IPMI port vulnerability (VNC protocol enabled)

  • 29 September 2021
  • 4 replies
  • 33 views

Badge

Hi there.
A security check on my nutanix clusters (8 nodes) revealed that the IPMI port on every nodes is vulnerable cause the VNC protocol is used to access them through port 5900.

Issue:
"...Virtual Network Computing (VNC) provides remote users with access to the system it it installed on. If this service is compromised, the user can gain complete control of the system...."

Remediation:
"...Remove or disable this service..."

What are my options? It is possible to disable these ports without affecting the performance of the NUTANIX cluster.

Thanks in advance.

icon

Best answer by Michael.Manuele 30 September 2021, 16:23

View original

This topic has been closed for comments

4 replies

Userlevel 2
Badge +4

@jssanche1975 What hardware are you running on?  Are these NX nodes?

Badge

Hello Michael. 

Thanks for your reply. 

They are not NX servers. If I'm not mistaken, it is the same issue for any HW (NUTANIX, DELL, LENOVO, HP, ETC), the administrative port is accessed through the VNC protocol.

 

Thanks for your prompt response.

 

 

Userlevel 2
Badge +4

@jssanche1975 

Here you go:

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000TTQgCAO

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000988sCAA

 

These two support articles should answer your question and address the issue.

Mike

Badge

Hello Michael,

I really appreciate your help, these tech notes will definitely solve the issue. 

 

Thank a lot,