Symptoms
A security scan can highlight a data node or utility node Remote Access (RMM) port as having a security vulnerability.The following tables show the known vulnerabilities and recommended firmware level to remedy these issues in Gen4S and Gen4T hardware.
Resolution
Gen4T
VulnerabilityMin Firmware LevelCVE-2016-2183BMC 24.10CVE-2013-2566BMC 24.10CVE-2015-2808BMC 24.10CVE-2014-3566BMC 24.10To disable SSL 2.0 and 3.0BMC 24.10
To verify firmware level on Gen4T nodes:showfwvers
Gen4S
VulnerabilityMin Firmware LevelCVE-2016-2183BMC 1.27CVE-2013-2566BMC 1.25CVE-2015-2808BMC 1.25CVE-2012-4929BMC 1.25CVE-2012-4930BMC 1.25To disable support for TLS 1.0BMC 1.28To disable SSL 2.0 and 3.0.BMC 1.28
To verify the firmware level on Gen4S nodes:flashupdt -i | egrep "Op Code|BIOS Version"To schedule a firmware update, please open a Service Request.
