How to disable IPMI 2.0 on Exadata nodes (Doc ID 2236124.1)

Last updated on AUGUST 14, 2017

Applies to:

Oracle Exadata Storage Server Software - Version 12.2.1.1.0 and later
Linux x86-64

Goal

This note will explain how to disable IPMI 2.0 and use secure IPMI TLS.  The IPMI 2.0 specification supports an insecure authentication method as described in CVE-2013-4786.  This protocol is used in ILOM on Exadata database nodes and cell servers.  Starting in Exadata Storage Software version 12.2.1.1.0 and later, a newer version of ILOM firmware (3.2.8.x) includes a secure IPMI implementation (IPMI TLS Service and Interface). 

12.2.1.1.0: This note is supported on X3-2 hardware and later, and X4-8 hardware and later.

12.2.1.1.1: This note is supported on X3-2 hardware and later, and X2-8 hardware and later. (updated 4/27/17)

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms