CVE-2024-0122

CWE-862 — Missing Authorization3 documents3 sources

Severity

7.6HIGH

EPSS

0.0%

top 89.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia DLS Component OF Nvidia License System

Timeline

PublishedNov 23

Description

NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. A successful exploit of this vulnerability may lead to partial denial of service and confidential information disclosure.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:LExploitability: 2.8 | Impact: 4.7

Affected Packages1 packages

▶CVEListV5nvidia/dls_component_of_nvidia_license_system2.1, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.2, 3.3, 3.3.1

🔴Vulnerability Details

GHSA

GHSA-wrjx-5994-mvxh: NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action↗2024-11-23

▶

CVEList

CVE-2024-0122: NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action↗2024-11-22

▶