Nvidia Bmc
13 CVEs affecting Nvidia Bmc. Latest disclosed: 2023-04-22. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-25505 | High | 7.8 | 2023-04-22 | NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause… |
CVE-2022-42274 | High | 7.8 | 2023-01-13 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execut… |
CVE-2022-42275 | High | 7.7 | 2023-01-13 | NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and… |
CVE-2023-0200 | High | 7.5 | 2023-04-22 | NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may… |
CVE-2023-25507 | High | 7.2 | 2023-04-22 | NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell command… |
CVE-2022-42278 | High | 7.2 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IP… |
CVE-2022-42280 | High | 7.1 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST auth handler, where an un-authorized attacker can exploit a path traversal, which may lead to authentication by… |
CVE-2023-25508 | Medium | 6.7 | 2023-04-22 | NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary… |
CVE-2023-0201 | Medium | 6.7 | 2023-04-22 | NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may l… |
CVE-2022-42282 | Medium | 6.5 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can access arbitrary files, which may lead to information disclosure. |
CVE-2022-42283 | Medium | 6.4 | 2023-01-13 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execut… |
CVE-2022-42284 | Medium | 6.2 | 2023-01-13 | NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This may lead to a credentials exposure. |
CVE-2022-42287 | Medium | 6.0 | 2023-01-13 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circumstances, which ma… |