CVE-2023-25532
First published: Wed Sep 20 2023(Updated: )
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Dgx H100 Firmware | <23.08.18 | |
| NVIDIA DGX H100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this NVIDIA DGX H100 BMC vulnerability?
The vulnerability ID for this NVIDIA DGX H100 BMC vulnerability is CVE-2023-25532.
What is the title of this vulnerability?
The title of this vulnerability is 'NVIDIA DGX H100 BMC contains a vulnerability in IPMI.'
What is the description of this vulnerability?
The description of this vulnerability is that an attacker may cause insufficient protection of credentials on the NVIDIA DGX H100 BMC, leading to information disclosure.
What software is affected by this vulnerability?
The NVIDIA DGX H100 BMC firmware version up to 23.08.18 is affected by this vulnerability.
What is the severity of this vulnerability?
The severity of this vulnerability is high with a CVSS score of 7.5.
How can I fix this vulnerability?
To fix this vulnerability, NVIDIA recommends updating the affected DGX H100 BMC firmware to a version beyond 23.08.18. More details can be found in the provided reference.
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/references
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia dgx h100 firmware
- canonical/nvidia dgx h100