CVE-2023-31008: Input Validation
First published: Wed Sep 20 2023(Updated: )
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of services, escalation of privileges, and information disclosure.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Dgx H100 Firmware | <23.08.18 | |
| NVIDIA DGX H100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-31008.
What is the title of the vulnerability?
The title of the vulnerability is "NVIDIA DGX H100 BMC contains a vulnerability in IPMI where an attacker may cause improper input validation."
What is the severity level of CVE-2023-31008?
The severity level of CVE-2023-31008 is high with a score of 7.3.
How does the vulnerability in NVIDIA DGX H100 BMC affect the software?
The vulnerability in NVIDIA DGX H100 BMC may lead to code execution, denial of services, escalation of privileges, and information disclosure.
How can I fix the vulnerability in NVIDIA DGX H100 BMC?
To fix the vulnerability in NVIDIA DGX H100 BMC, update the firmware to version 23.08.18 or later.
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia dgx h100 firmware
- canonical/nvidia dgx h100