IPMI port vulnerability (VNC protocol enabled) | Nutanix Community
Skip to main content

Hi there.
A security check on my nutanix clusters (8 nodes) revealed that the IPMI port on every nodes is vulnerable cause the VNC protocol is used to access them through port 5900.

Issue:
"...Virtual Network Computing (VNC) provides remote users with access to the system it it installed on. If this service is compromised, the user can gain complete control of the system...."

Remediation:
"...Remove or disable this service..."

What are my options? It is possible to disable these ports without affecting the performance of the NUTANIX cluster.

Thanks in advance.

@jssanche1975 What hardware are you running on?  Are these NX nodes?

Hello Michael. 

Thanks for your reply. 

They are not NX servers. If I'm not mistaken, it is the same issue for any HW (NUTANIX, DELL, LENOVO, HP, ETC), the administrative port is accessed through the VNC protocol.

 

Thanks for your prompt response.

 

 

@jssanche1975 

Here you go:

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000TTQgCAO

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000988sCAA

 

These two support articles should answer your question and address the issue.

Mike

Hello Michael,

I really appreciate your help, these tech notes will definitely solve the issue. 

 

Thank a lot, 

Terms & Conditions