CVE-2023-31025

CWE-90 CWE-743 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 57.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia DGX A100 Firmware Nvidia DGX A100

Timeline

PublishedJan 12

Description

NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. A successful exploit of this vulnerability may lead to information disclosure.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDnvidia/dgx_a100_firmware< 00.22.05

▶CVEListV5nvidia/dgx_a100All BMC versions prior to 00.22.05

🔴Vulnerability Details

GHSA

GHSA-h54r-mf9p-gj9p: NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection↗2024-01-12

▶

CVEList

CVE↗2024-01-12

▶