CVE-2023-31009: Input Validation
First published: Wed Sep 20 2023(Updated: )
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Dgx H100 Firmware | <23.08.18 | |
| NVIDIA DGX H100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability identifier for this NVIDIA DGX H100 BMC vulnerability?
The vulnerability identifier for this NVIDIA DGX H100 BMC vulnerability is CVE-2023-31009.
What is the severity rating of CVE-2023-31009?
The severity rating of CVE-2023-31009 is critical.
What is the affected software for CVE-2023-31009?
The affected software for CVE-2023-31009 is NVIDIA DGX H100 BMC firmware version up to and excluding 23.08.18.
What are the potential impacts of exploiting CVE-2023-31009?
The potential impacts of exploiting CVE-2023-31009 include code execution, denial of service, privilege escalation, and information disclosure.
Where can I find more information about CVE-2023-31009?
You can find more information about CVE-2023-31009 at the following link: [NVIDIA Customer Help Center](https://nvidia.custhelp.com/app/answers/detail/a_id/5473)
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/event
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia dgx h100 firmware
- canonical/nvidia dgx h100