Описание
NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.39.30 (исключая)
Одновременно
cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:dgx-1:-:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00033
Низкий
6.7 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 6.7
github
почти 3 года назад
NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.
EPSS
Процентиль: 9%
0.00033
Низкий
6.7 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-22
CWE-22