CVE-2024-0113
published 2024-08-12CVE-2024-0113: NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | mellanox_os | — | — |
| nvidia | mellanox_os | — | — |
| nvidia | mellanox_os | — | — |
| nvidia | metrox-2 | — | — |
| nvidia | metrox-3_xc | — | — |
| nvidia | mlnx-gw | < 8.1.4500 | 8.1.4500 |
| nvidia | mlnx-gw | < 8.2.2300 | 8.2.2300 |
| nvidia | mlnx-os | < 3.10.4500 | 3.10.4500 |
| nvidia | mlnx-os | < 3.12.1002 | 3.12.1002 |
| nvidia | mlnx-os | >= 3.11.0000 < 3.11.2302 | 3.11.2302 |
| nvidia | nvda-os_xc | < 18.2.2200 | 18.2.2200 |
| nvidia | onyx | < 3.10.4504 | 3.10.4504 |
| nvidia | skyway | — | — |
| nvidia | skyway | — | — |