NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5472 |
History
Wed, 09 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: nvidia
Published: 2023-08-03T16:34:47.809Z
Updated: 2024-10-09T20:26:41.730Z
Reserved: 2023-02-07T02:57:17.086Z
Link: CVE-2023-25524
Vulnrichment
Updated: 2024-08-02T11:25:19.194Z
NVD
Status : Modified
Published: 2023-08-03T17:15:11.527
Modified: 2024-11-21T07:49:40.013
Link: CVE-2023-25524
Redhat
No data.