Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-5987

Опубликовано: 02 окт. 2020
Источник: nvd
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*
Версия от 8.0 (включая) до 8.5 (исключая)
cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*
Версия от 10.0 (включая) до 10.4 (исключая)
cpe:2.3:a:nvidia:virtual_gpu_manager:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 17%
0.00054
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-459

Связанные уязвимости

github логотип

GHSA-6xgm-jh2v-38xm

github
больше 3 лет назад

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

EPSS

Процентиль: 17%
0.00054
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-459