Lucene search

[email protected]NVD:CVE-2022-42273

HistoryJan 12, 2023 - 11:15 p.m.

CVE-2022-42273

2023-01-1223:15:10

CWE-120

[email protected]

web.nvd.nist.gov

nvidia

bmc

vulnerability

libwebsocket

buffer overflow

code execution

denial of service

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

40.3%

JSON

NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.

Affected configurations

Nvd

Node

nvidiadgx_a100_firmwareRange<00.19.07bmc

AND

nvidiadgx_a100Match-

VendorProductVersionCPE
nvidiadgx_a100_firmware*cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:bmc:*:*:*
nvidiadgx_a100-cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	dgx_a100_firmware	*	cpe:2.3:o:nvidia:dgx_a100_firmware:::::bmc:::*
nvidia	dgx_a100	-	cpe:2.3:h:nvidia:dgx_a100:-:::::::*

References

nvidia.custhelp.com/app/answers/detail/a_id/5435

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

40.3%

JSON

Related for NVD:CVE-2022-42273

cve1 prion1 cvelist1 nvidia2