CVE-2022-31603

CVSS 6.4 MEDIUMEPSS 0.2%CWE-129

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information disclosure.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

NVIDIA · NVIDIA DGX A100

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://nvidia.custhelp.com/app/answers/detail/a_id/5367