CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2020-11483

CVSS 9.8v3.1pub. 2020-10-29upd. 2024-11-21

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Intel Bmc Firmware

    OS
    Intel
    < 3.38.30< 1.06.06
  • Nvidia Dgx 1

    HW
    Nvidia
    wszystkie wersje
  • Nvidia Dgx 2

    HW
    Nvidia
    wszystkie wersje
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-11486CRITICAL9.8ten sam produkt

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI ...

CVE-2018-12171CRITICAL9.8ten sam produkt

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may ...

CVE-2023-0207HIGH7.5ten sam produkt

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at run...

CVE-2023-0200HIGH7.5ten sam produkt

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can...

CVE-2023-0209HIGH8.2ten sam produkt

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code execute...

CVE-2020-11483 β€” Intel β€” Bmc Firmware β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl