HIGH🇬🇧 English

CVE-2023-0200

CVSS 7.5v3.1pub. 2023-04-22upd. 2024-11-21

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Nvidia Bmc

    OS
    Nvidia
    < 1.08.00
  • Nvidia Dgx 2

    HW
    Nvidia
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEDoS
CWE
Referencje

Powiązane podatności

CVE-2020-11483CRITICAL9.8ten sam produkt

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware vers...

CVE-2023-25507HIGH7.2ten sam produkt

NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of...

CVE-2023-25505HIGH7.8ten sam produkt

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with ...

CVE-2023-0207HIGH7.5ten sam produkt

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at run...

CVE-2022-42278HIGH7.2ten sam produkt

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitr...