VYPR
Unrated severityNVD Advisory· Published Aug 9, 2024· Updated Aug 13, 2024

CVE-2024-0113

CVE-2024-0113

Description

NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure.

Affected products

8
  • Nvidia/Skywayllm-create2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: All versions prior to and including 8.1.4400
  • Nvidia/MetroX-3 XCCllm-create2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: All versions prior to and including 18.2.2200
  • Nvidia/Mellanox OFEDllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: All versions prior to and including 3.11.2200
  • Nvidia/MetroX-2cpe-rescue
    Range: All versions prior to and including 3.11.4000

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.