cancel
Showing results for 
Search instead for 
Did you mean: 
sthe
Level 9

Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hello

There is aknown vulnerability in Intel EPSD BMC:

SecurityAdvisory INTEL-SA-00031

TechnicalAdvisory TA-1015-1

The latest supported BIOS / Firmware Package I got from McAfee included BMC Firmware BMC00.58 which is vulnerable. Is there a supported update to BMC00.60 available?

Best

Stefan

0 Kudos
1 Solution

Accepted Solutions
asabban
Level 17

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hello,

the BIOS page is for internal contacts only. Thats why Felix (as an employee of McAfee) can see it :-)

Please file an SR with Technical Support and request the update. They will provide you with the necessary files. Unfortunately this is the official way, as support is in charge to track the BIOS versions given to customers. However it should be resolved quickly if you let them know which file you want.

Best,

Andre

Nachricht geändert durch asabban on 07.03.13 15:32:16 MEZ
0 Kudos
14 Replies
fschulte
Level 10

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hi Stefan!

Please find the lastest firmware containing the fix (BMC 61) here: https://contentsecurity.mcafee.com/software_mwg7_bios

Ciao

Felix

0 Kudos
sthe
Level 9

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hello Felix

The Problem is that we do not have access to the Bios page. It returns a 404 - not found. Last time I had to contact our vendor / partner and even they had no access to that page so they had to contact someone at McAfee to get the Bios. Maybe I should mention that they are "McAfee Elite Partner".

Do I have to get the Bios in a such complicated way again?

Best

Stefan

0 Kudos
asabban
Level 17

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hello,

the BIOS page is for internal contacts only. Thats why Felix (as an employee of McAfee) can see it :-)

Please file an SR with Technical Support and request the update. They will provide you with the necessary files. Unfortunately this is the official way, as support is in charge to track the BIOS versions given to customers. However it should be resolved quickly if you let them know which file you want.

Best,

Andre

Nachricht geändert durch asabban on 07.03.13 15:32:16 MEZ
0 Kudos
sthe
Level 9

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hello Andre

Thank you for the information. I will ask our Partner for the BIOS like I did before.

Can you tell me the version number of the actual RAID BIOS please?

We had to replace our Appliance because the RAID BBU remaining capacity fell below 50%. In this case the cache is automatically set to "Write Through". It was less than a year in use.

In the Release Notes of a original RAID BIOS from Intel i found this:

RAID SROMBSASMP2:

v11.0.1-0051 (APP 1.40.352-2004)

- Updated EDV Values and settings to enhance BBU endurance

The new appliance is now running since two and a half month. Now I was wondering how the status of the BBU is and guess the remaining capacity already fell to 90%. I checked the capacity right after installing the new appliance and it was about 102%. So the real capacity was a bit higher than the design capacity.

Actual RAID BIOS is:

v11.0.1-0036 (APP 1.40.232-1007)

Best

Stefan

0 Kudos
asabban
Level 17

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hello,

unfortunately I don't know. I checked the files in the archive and all I could find was the following information:

BIOS   : Build Stamp : S5500.86B.01.00.0063.09212012 1436

BMC    : 61

FRUSDR : 26

ME     : SPS_01.01.02.007.0_Production

I am not sure whether the RAID BIOS is part of this package or must be obtained seperately. Our technical support guys should be able to tell you more about how to upgrade the RAID BIOS, unfortunately I can't tell because I don't know and I don't have a WG-5000 for testing available.

Maybe someone else can answer this question.

Best,

Andre

0 Kudos
sthe
Level 9

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hi Andre

I checked it and you are right it is not included in the standard BIOS package from Intel it is a separate one I guess the reason is you can get the original Intel Server with different RAID Controllers. I am going to ask our support contact. I will write when I have some news about it.

To anyone else: DO NOT USE THE STANDARD INTEL BIOS     When I asked about it the answer was: "You are going to loose warranty and support!"

The links above to the standard Intel BIOS are for reference only.

Thank you

Best

Stefan

Nachricht geändert durch sthe corrected the links to the Intel Download Center on 08.03.13 04:04:53 CST
0 Kudos
asabban
Level 17

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Ahh cool. Thanks for the details :-)

0 Kudos
sthe
Level 9

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

I am sorry the links to the Intel Download Center do not work. So here they are:

BIOS Package:

http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=22287&lang=eng

RAID BIOS:

http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=22179&lang=eng

Again: For reference only! Do not use it!

0 Kudos
juliab
Level 7

Re: Appliance WBG-5000-B BMC / Intel RMM3 vulnerability

Jump to solution

Hi Stefan,

you will not only loose warranty and support, you also won't be able to install MWG on this Server, when you are not running a  MFE BIOS.

Latest  tested and released firmware for srombsasmp2 is 1.40.232-1007, as we ship it with our Appliances.

As Andre already suggested, please contact the Technical Support if you have any further questions or concerns.

Best regards,

Julia

0 Kudos