CVE-2024-0113: Path Traversal
First published: Fri Aug 09 2024(Updated: )
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Mlnx-os | <3.10.4500 | |
| Nvidia Mlnx-os | <3.12.1002 | |
| Nvidia Mlnx-os | >=3.11.0000<3.11.2302 | |
| Nvidia Onyx | <3.10.4504 | |
| All of | ||
| Any of | ||
| Nvidia Mlnx-gw | <8.1.4500 | |
| Nvidia Mlnx-gw | <8.2.2300 | |
| Nvidia Mga100-hs2 | ||
| All of | ||
| Nvidia Nvda-os Xc | <18.2.2200 | |
| Nvidia Mtq8400-hs2r | ||
| All of | ||
| Nvidia Mlnx-os | <3.12.1002 | |
| Any of | ||
| Nvidia Tq8100-hs2f | ||
| Nvidia Tq8200-hs2f |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/nvidia
- canonical/nvidia mlnx-os
- version/nvidia mlnx-os/3.11.0000
- canonical/nvidia onyx
- canonical/nvidia mlnx-gw
- canonical/nvidia mga100-hs2
- canonical/nvidia nvda-os xc
- canonical/nvidia mtq8400-hs2r
- canonical/nvidia tq8100-hs2f
- canonical/nvidia tq8200-hs2f