>>zdw+(OP)
My favorite supermicro facepalm will always be when you could set the IPMI encryption cipher to "none" (ipmitool -C0) and bypass actually needing any password at all. (Though I don't think this was unique to supermicro actually?)
>>temp08+a9b
Pretty much all of them allow unrestricted access from KMS from factory, tough all of them have a way to disable it once configured, and HPE even throws shade until it's limited. KMS only works from the host itself.