CVE-2023-25528
published 2023-09-20CVE-2023-25528: NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | dgx_h100_bmc | — | — |
| nvidia | dgx_h100_firmware | < 23.08.18 | 23.08.18 |