NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.
History

Tue, 24 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Nvidia dgx H100 Bmc
CPEs cpe:2.3:a:nvidia:dgx_h100_bmc:*:*:*:*:*:*:*:*
Vendors & Products Nvidia dgx H100 Bmc
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2023-09-20T00:07:01.320Z

Updated: 2024-09-24T15:54:13.035Z

Reserved: 2023-02-07T02:57:25.083Z

Link: CVE-2023-25528

cve-icon Vulnrichment

Updated: 2024-08-02T11:25:19.168Z

cve-icon NVD

Status : Modified

Published: 2023-09-20T01:15:53.253

Modified: 2024-11-21T07:49:40.463

Link: CVE-2023-25528

cve-icon Redhat

No data.