Vulnerabilities > CVE-2021-34398 - Inclusion of Functionality from Untrusted Control Sphere vulnerability in Nvidia Data Center GPU Manager
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality and integrity, and complete denial of service.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |