My Oracle Support Banner

How to disable IPMI 2.0 on Exadata nodes (Doc ID 2236124.1)

Last updated on JANUARY 18, 2020

Applies to:

Oracle Exadata Storage Server Software - Version 12.2.1.1.0 and later
Linux x86-64

Goal

This note will explain how to disable IPMI 2.0 and use secure IPMI TLS.  The IPMI 2.0 specification supports an insecure authentication method as described in CVE-2013-4786.  This protocol is used in ILOM on Exadata database nodes and cell servers.  Starting in Exadata Storage Software version 12.2.1.1.0 and later, a newer version of ILOM firmware (3.2.8.x) includes a secure IPMI implementation (IPMI TLS Service and Interface). 

12.2.1.1.0: This note is supported on X3-2 hardware and later, and X4-8 hardware and later. (3.2.8.x)

12.2.1.1.1: This note is supported on X3-2 hardware and later, and X2-8 hardware and later. (3.2.9.x) (updated 4/27/17)

12.2.1.1.3: This note is supported on X2-2 and V2 hardware and later, and X2-8 hardware and later. (3.2.10.x) (updated 10/31/17)

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Goal
Solution
 Requirements:
 Steps (ILOM GUI):
 Steps (ILOM Command Line):
 Steps (Single-Host Command Line):
 Steps (Multi-Host Command Line):
 Special Instructions (Infiniband Switch Only):
 Summary:
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.