CVE-2025-23291

CWE-312 — Cleartext Storage of Sensitive Info3 documents3 sources

Severity

2.4LOW

EPSS

0.0%

top 99.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia DLS Component OF Nvidia License System

Timeline

PublishedSep 30

Description

NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:NExploitability: 0.7 | Impact: 1.4

Affected Packages1 packages

▶CVEListV5nvidia/dls_component_of_nvidia_license_systemAll versions prior to v3.5.1 and v3.1.7

🔴Vulnerability Details

GHSA

GHSA-cphw-5rrj-wrrh: NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action↗2025-09-30

▶

CVEList

CVE-2025-23291: NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action↗2025-09-30

▶