Lucene search

K
cvelistNvidiaCVELIST:CVE-2023-25532
HistorySep 20, 2023 - 12:29 a.m.

CVE-2023-25532

2023-09-2000:29:20
CWE-522
nvidia
www.cve.org
4
nvidia dgx h100
bmc
ipmi
credential protection
vulnerability
information disclosure

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

49.1%

NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "DGX H100 BMC",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 23.08.07"
      }
    ]
  }
]

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

49.1%

Related for CVELIST:CVE-2023-25532