NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure.
History

Wed, 09 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2023-08-03T16:34:47.809Z

Updated: 2024-10-09T20:26:41.730Z

Reserved: 2023-02-07T02:57:17.086Z

Link: CVE-2023-25524

cve-icon Vulnrichment

Updated: 2024-08-02T11:25:19.194Z

cve-icon NVD

Status : Modified

Published: 2023-08-03T17:15:11.527

Modified: 2024-11-21T07:49:40.013

Link: CVE-2023-25524

cve-icon Redhat

No data.