Design/Logic Flaw

2021-08-1316:15:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality and integrity, and complete denial of service.

CPENameOperatorVersion
data_center_gpu_managerlt2.2.9

CPE	Name	Operator	Version
	data_center_gpu_manager	lt	2.2.9

References

nvidia.custhelp.com/app/answers/detail/a_id/5219