CVE-2023-25529
CVSS V2 None
CVSS V3 None
Description
NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering.
Overview
- CVE ID
- CVE-2023-25529
- Assigner
- nvidia
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-09-20T00:08:17.345Z
- Last Modified Date
- 2024-01-25T18:09:15.767Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5473 | |
https://nvidia.custhelp.com/app/answers/detail/a_id/5510 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-25529 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25529 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 17:42:22 | Added to TrackCVE |