Researchers: Vulnerabilities could give attackers near-physical access to servers and workstations. The flaws are in the Intelligent Platform Management Interface (IPMI) protocol and the Baseboard Management Controllers (BMC) The bugs could allow an attacker to compromise BMCs in the affected servers and siphon data from attached storage devices, make changes to the operating system, install a permanent backdoor, sniff credentials sent through the server, launch a denial-of-service attack. The bugs follow a common theme in other weaknesses in Internet-facing equipment.”]
Source: https://www.darkreading.com/analytics/new-gaping-security-holes-found-exposing-servers