Question
Our SOC vulnerability scan reported a Ripple20 / Treck TCP/IP stack finding on the BMC interface for this server, referencing CVEs: CVE-2020-11896 through CVE-2020-11914.

We would like your confirmation on the following:

1- Whether Supermicro BMC firmware for this model is affected by Ripple20 / Treck TCP/IP stack vulnerabilities.

2- Whether this finding is a false positive or generic scanner fingerprint.
Print
Answer
The BMC firmware does not use the Treck TCP/IP stack.
The scanner’s finding appears to be a false positive.
Was this FAQ helpful?
Enter Comments Below:
Note: Your comments/feedback should be limited to this FAQ only. For technical support, please send an email to .
Enter your email address below if you'd like technical support staff to reply:
Please type the Captcha (no space)
E 9 H M
FAQ ID:
44896
Related Category / Keyword:
N/A
Date Posted:
03/20/26
Code:
Find more questions
Still Need Support?
Having trouble finding what you're searching for? Contact our support team for further assistance.

Certain products may not be available in your region