Vulnerabilities > CVE-2022-42278 - Unspecified vulnerability in Nvidia BMC

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

nvidia

NVD

Published: 2023-01-13

Updated: 2023-01-24

Summary

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure and data tampering.

Vulnerable Configurations

Part	Description	Count
OS	Nvidia Nvidia BMC *	1
Hardware	Nvidia Nvidia DGX A100 -	1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5435