CVE-2023-31012: Input Validation
First published: Wed Sep 20 2023(Updated: )
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Dgx H100 Firmware | <23.08.18 | |
| NVIDIA DGX H100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this NVIDIA DGX H100 BMC vulnerability?
The vulnerability ID of this NVIDIA DGX H100 BMC vulnerability is CVE-2023-31012.
What is the severity level of CVE-2023-31012?
The severity level of CVE-2023-31012 is high, with a severity value of 8.8.
What is the description of the NVIDIA DGX H100 BMC vulnerability?
The NVIDIA DGX H100 BMC vulnerability allows an attacker to cause improper input validation, which can lead to escalation of privileges and information disclosure.
Which software is affected by this vulnerability?
The NVIDIA DGX H100 Firmware version up to 23.08.18 is affected by this vulnerability.
How can the NVIDIA DGX H100 BMC vulnerability be exploited?
The vulnerability can be exploited by manipulating the REST service to bypass input validation and gain unauthorized privileges or access sensitive information.
- collector/nvd-api
- collector/nvd-index
- agent/event
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/type
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia dgx h100 firmware
- canonical/nvidia dgx h100