Lucene search

[email protected]NVD:CVE-2022-42275

HistoryJan 13, 2023 - 1:15 a.m.

CVE-2022-42275

2023-01-1301:15:09

CWE-306

CWE-288

[email protected]

web.nvd.nist.gov

nvidia

bmc

ipmi

spi flash

unauthenticated

secureboot

integrity

denial of service

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service.

Affected configurations

NVD

Node

nvidiadgx_a100Match-

AND

nvidiabmcRange<00.19.07

References

nvidia.custhelp.com/app/answers/detail/a_id/5435

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for NVD:CVE-2022-42275

cve1 prion1 cvelist1 nvidia2