Vulnerabilities > CVE-2022-42288 - Information Exposure Through Discrepancy vulnerability in Nvidia DGX A100 Firmware

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
nvidia
CWE-203
NVD
Published: 2023-01-13
Updated: 2024-11-21

Summary

NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure.

Vulnerable Configurations

Part Description Count
OS
Nvidia
1
Hardware
Nvidia
1

Common Weakness Enumeration (CWE)

References