diff --git a/CHANGELOG b/CHANGELOG
index a91282e03..b820a5839 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,9 @@
 #s wa Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE][GH#1022] Fix a false positive condition in ipmi-cipher-zero caused by
+  not checking the error code in responses. Implementations which return an
+  error are not vulnerable. [Juho Jokelainen]
+
 o [GH#978] Fixed Nsock on Windows giving errors when selecting on STDIN. This
   was causing Ncat 7.60 in connect mode to quit with error:
    libnsock select_loop(): nsock_loop error 10038: An operation was attempted on something that is not a socket.
diff --git a/scripts/ipmi-cipher-zero.nse b/scripts/ipmi-cipher-zero.nse
index 6c796c37b..aa90b240d 100644
--- a/scripts/ipmi-cipher-zero.nse
+++ b/scripts/ipmi-cipher-zero.nse
@@ -95,7 +95,7 @@ functionality
   nmap.set_port_state(host, port, "open")
 
   local info = ipmi.parse_open_session_reply(reply)
-  if info["session_payload_type"] == ipmi.PAYLOADS["RMCPPLUSOPEN_REP"] then
+  if info["session_payload_type"] == ipmi.PAYLOADS["RMCPPLUSOPEN_REP"] and info["error_code"] == 0 then
     vuln_table.state = vulns.STATE.VULN
   end