Solved

IPMI port vulnerability (VNC protocol enabled)

  • 29 September 2021


Hi there.
A security check on my Nutanix clusters (8 nodes) revealed that the IPMI port on every node is vulnerable because the VNC protocol is used to access them through port 5900.

Issue:
"...Virtual Network Computing (VNC) provides remote users with access to the system it is installed on. If this service is compromised, the user can gain complete control of the system...."

Remediation:
"...Remove or disable this service..."

What are my options? It is possible to disable these ports without affecting the performance of the NUTANIX cluster.

Thanks in advance.


Best answer by Michael.Manuele 30 September 2021, 16:23



@jssanche1975 What hardware are you running on?  Are these NX nodes?


Hello Michael. 

Thanks for your reply. 

They are not NX servers. If I'm not mistaken, it is the same issue for any HW (NUTANIX, DELL, LENOVO, HP, ETC), the administrative port is accessed through the VNC protocol.

 

Thanks for your prompt response.

@jssanche1975 

Here you go:

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000TTQgCAO

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000988sCAA

These two support articles should answer your question and address the issue.

Mike


Hello Michael,

I really appreciate your help, these tech notes will definitely solve the issue.

Thanks a lot,