More than 32000 servers containing motherboards manufactured by Supermicro expose admin passwords in the clear, it is a godsend for hackers.
A significant number of servers containing motherboards manufactured by Supermicro exposes administrator passwords, the situation is worrying considering that the problem is well known and a series of patches has been already released to fix the critical vulnerability, as explained by experts at CARI.net team.The flaw relates to a component in the baseboard management controller (BMC) which allows administrators to monitor physical parameters (e.g. Temperatures, fan speed, disk and memory performance) of a large number of servers. The controller in Supermicro motherboards contains a binary file which contains remote login passwords in clear text.
Full Article.