DGX H100 BMC
by Nvidia
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-31009 | Hig | 0.54 | 8.3 | 0.01 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | ||
| CVE-2023-25533 | Hig | 0.54 | 8.3 | 0.01 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of privileges. | ||
| CVE-2023-25530 | Hig | 0.52 | 8.0 | 0.01 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | ||
| CVE-2023-25529 | Hig | 0.52 | 8.0 | 0.01 | Sep 20, 2023 | NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may… | ||
| CVE-2023-25527 | Hig | 0.51 | 7.8 | 0.00 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges,… | ||
| CVE-2023-25531 | Hig | 0.49 | 7.6 | 0.00 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and escalation of privileges. | ||
| CVE-2023-31008 | Hig | 0.47 | 7.3 | 0.00 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of services, escalation of privileges, and information disclosure. | ||
| CVE-2023-31010 | Med | 0.44 | 6.8 | 0.01 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of service. | ||
| CVE-2023-31015 | Med | 0.43 | 6.6 | 0.00 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, code execution, and denial of service. | ||
| CVE-2023-25532 | Med | 0.42 | 6.5 | 0.00 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure. | ||
| CVE-2023-31013 | Med | 0.40 | 6.1 | 0.01 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | ||
| CVE-2023-31012 | Med | 0.40 | 6.1 | 0.01 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | ||
| CVE-2023-25534 | Med | 0.37 | 5.7 | 0.01 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||
| CVE-2023-31011 | Med | 0.34 | 5.2 | 0.00 | Sep 20, 2023 | NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. |
- risk 0.54cvss 8.3epss 0.01
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.
- risk 0.54cvss 8.3epss 0.01
NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of privileges.
- risk 0.52cvss 8.0epss 0.01
NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.
- risk 0.52cvss 8.0epss 0.01
NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may…
- risk 0.51cvss 7.8epss 0.00
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges,…
- risk 0.49cvss 7.6epss 0.00
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and escalation of privileges.
- risk 0.47cvss 7.3epss 0.00
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of services, escalation of privileges, and information disclosure.
- risk 0.44cvss 6.8epss 0.01
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of service.
- risk 0.43cvss 6.6epss 0.00
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, code execution, and denial of service.
- risk 0.42cvss 6.5epss 0.00
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure.
- risk 0.40cvss 6.1epss 0.01
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure.
- risk 0.40cvss 6.1epss 0.01
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure.
- risk 0.37cvss 5.7epss 0.01
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
- risk 0.34cvss 5.2epss 0.00
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure.