Low Severity

Vulnerability involving IBM Cloud Baseboard Management Controller (BMC) Firmware

Share this post:

The Baseboard Management Controller (BMC) is a third-party component designed to enable remote management of a server for initial provisioning, operating system reinstall and troubleshooting. As part of IBM Cloud’s Bare Metal Server offering, clients have access to the BMC.

Vulnerability Details:
On some system models offered by IBM Cloud and other cloud providers, a malicious attacker with access to the provisioned system could overwrite the firmware of the BMC. The system could then be returned to the hardware pool, where the compromised BMC firmware could then be used to attack the next user of the system.

The BMC has limited processing power and memory, which makes these types of attacks difficult. IBM has found no indication that this vulnerability has been exploited for malicious purposes. In addition, all clients of IBM Cloud receive a private network for their BMCs, separate from the private networks containing other clients’ BMCs and unprovisioned BMCs.

IBM has responded to this vulnerability by forcing all BMCs, including those that are already reporting up-to-date firmware, to be reflashed with factory firmware before they are re-provisioned to other customers. All logs in the BMC firmware are erased and all passwords to the BMC firmware are regenerated.

Workarounds and Mitigations:

Related Information
IBM Secure Engineering Web Portal


Change History
25 February 2019:  Original version published

More Low Severity stories

IBM Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities CVE-2019-10072

Jul 18, 2019 9:02 am EDT | High Severity

IBM WebSphere Cast Iron Solution has addressed the following vulnerabilities reported in Apache Tomcat v8 CVE(s): CVE-2019-10072 Affected product(s) and affected version(s): App Connect Professional v7.5.3.0. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10958283X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162806 ...read more

IBM Security Bulletin: Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager IP Edition (CVE-2018-1890, CVE-2019-2426)

Jul 18, 2019 9:01 am EDT | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.1.1 and v4.2, which were disclosed in the Oracle January 2019 Critical Patch Update. CVE(s): CVE-2018-1890, CVE-2019-2426 Affected product(s) and affected version(s): IBM Tivoli Network Manager IP Edition v4.1.1, v4.2 Refer to the ...read more

IBM Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2019-4046)

Jul 18, 2019 9:01 am EDT | Medium Severity

There is a vulnerability in IBM WebSphere Application Server, used by IBM Spectrum Scale. This issue allows a remote attacker to cause a denial of service condition. CVE(s): CVE-2019-4046 Affected product(s) and affected version(s):The Elastic Storage Server 5.3.0 thru 5.3.3 The Elastic Storage Server 5.0.0 thru 5.2.6 The Elastic Storage Server 4.5.0 thru 4.6.0 The ...read more