DGX-1

CVEs (9)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2023-25506	Nvidia DGX-1	—	0.00	Apr 22, 2023	NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information…
CVE-2023-0209	Nvidia DGX-1	—	0.00	Apr 22, 2023	NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure…
CVE-2020-11488	Nvidia DGX-1	—	0.00	Oct 29, 2020	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware…
CVE-2020-11489	Nvidia DGX-1	—	0.00	Oct 29, 2020	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.
CVE-2020-11486	Nvidia DGX-1	—	0.02	Oct 29, 2020	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to…
CVE-2020-11487	Nvidia DGX-1	—	0.00	Oct 29, 2020	NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with…
CVE-2020-11483	Nvidia DGX-1	—	0.00	Oct 29, 2020	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges…
CVE-2020-11485	Nvidia DGX-1	—	0.00	Oct 29, 2020	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was…
CVE-2020-11484	Nvidia DGX-1	—	0.00	Oct 29, 2020	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a vulnerability in the AMI BMC firmware in which an attacker with administrative privileges can obtain the hash of the BMC/IPMI user password, which may lead to information disclosure.

CVE-2023-25506Apr 22, 2023
Nvidia
DGX-1
risk 0.00cvss —epss 0.00
NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information…
CVE-2023-0209Apr 22, 2023
Nvidia
DGX-1
risk 0.00cvss —epss 0.00
NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure…
CVE-2020-11488Oct 29, 2020
Nvidia
DGX-1
risk 0.00cvss —epss 0.00
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware…
CVE-2020-11489Oct 29, 2020
Nvidia
DGX-1
risk 0.00cvss —epss 0.00
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.
CVE-2020-11486Oct 29, 2020
Nvidia
DGX-1
risk 0.00cvss —epss 0.02
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to…
CVE-2020-11487Oct 29, 2020
Nvidia
DGX-1
risk 0.00cvss —epss 0.00
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with…
CVE-2020-11483Oct 29, 2020
Nvidia
DGX-1
risk 0.00cvss —epss 0.00
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges…
CVE-2020-11485Oct 29, 2020
Nvidia
DGX-1
risk 0.00cvss —epss 0.00
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was…
CVE-2020-11484Oct 29, 2020
Nvidia
DGX-1
risk 0.00cvss —epss 0.00
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a vulnerability in the AMI BMC firmware in which an attacker with administrative privileges can obtain the hash of the BMC/IPMI user password, which may lead to information disclosure.