{"containers": {"cna": {"affected": [{"product": "NVIDIA Virtual GPU Software", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "vGPU version all version prior to 8.7, all version prior to 11.4, and all version prior to 12.2"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7)"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "denial of service, data tampering, information disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-04-29T18:50:23", "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5172"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1082", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "NVIDIA Virtual GPU Software", "version": {"version_data": [{"version_value": "vGPU version all version prior to 8.7, all version prior to 11.4, and all version prior to 12.2"}]}}]}, "vendor_name": "NVIDIA"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7)"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "denial of service, data tampering, information disclosure"}]}]}, "references": {"reference_data": [{"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5172", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5172"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:55:18.648Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5172"}]}]}, "cveMetadata": {"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "assignerShortName": "nvidia", "cveId": "CVE-2021-1082", "datePublished": "2021-04-29T18:50:23", "dateReserved": "2020-11-12T00:00:00", "dateUpdated": "2024-08-03T15:55:18.648Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3797FFB1-321C-4264-B6FA-B69F598BFC15", "versionEndExcluding": "8.7", "versionStartIncluding": "8.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7AE5C32-E060-44BA-8C13-3D73204191EE", "vulnerable": false}, {"criteria": "cpe:2.3:o:nutanix:ahv:-:*:*:*:*:*:*:*", "matchCriteriaId": "A64905FE-AC41-4804-9F9F-0B24E7323590", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", "matchCriteriaId": "06C8B1C5-6401-45F9-8D3E-47E32067F428", "vulnerable": false}, {"criteria": "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "307BA20A-8302-4D50-850C-F78779FE47D5", "versionEndExcluding": "11.4", "versionStartIncluding": "11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "762561CE-9DB3-4100-BB92-ED35B267FB30", "versionEndExcluding": "12.2", "versionStartIncluding": "12.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7AE5C32-E060-44BA-8C13-3D73204191EE", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", "matchCriteriaId": "06C8B1C5-6401-45F9-8D3E-47E32067F428", "vulnerable": false}, {"criteria": "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7)"}, {"lang": "es", "value": "El software NVIDIA vGPU contiene una vulnerabilidad en Virtual GPU Manager (plugin vGPU), en la que no es comprobada una longitud de la entrada, lo que puede conllevar a una divulgaci\u00f3n de informaci\u00f3n, manipulaci\u00f3n de datos o denegaci\u00f3n de servicio. vGPU versiones 12.x (anteriores a 12.2), versi\u00f3n 11.x (anteriores a 11.4) y versi\u00f3n 8.x (anterior a 8.7)"}], "id": "CVE-2021-1082", "lastModified": "2024-11-21T05:43:33.690", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "psirt@nvidia.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-29T19:15:08.977", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5172"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5172"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}