Lucene search

NvidiaCVELIST:CVE-2022-21818

HistoryFeb 14, 2022 - 11:45 p.m.

CVE-2022-21818

2022-02-1423:45:13

CWE-312

nvidia

www.cve.org

nvidia

license system

installation

vulnerability

unauthorized access

escalated privileges

confidentiality

integrity

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

22.7%

JSON

NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality and integrity.

CNA Affected

[
  {
    "product": "NVIDIA License System",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 1.1"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5319

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

22.7%

JSON

Related for CVELIST:CVE-2022-21818