CVE-2022-42279
published 2023-01-13CVE-2022-42279: NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | dgx_a100_firmware | < 00.19.07 | 00.19.07 |
| nvidia | nvidia_dgx_servers | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ghsa7.5HIGH