CRITICAL🇬🇧 English

CVE-2020-11483

CVSS 9.8v3.1pub. 2020-10-29upd. 2024-11-21

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Intel Bmc Firmware

    OS
    Intel
    < 3.38.30< 1.06.06
  • Nvidia Dgx 1

    HW
    Nvidia
    wszystkie wersje
  • Nvidia Dgx 2

    HW
    Nvidia
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-11486CRITICAL9.8ten sam produkt

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI ...

CVE-2018-12171CRITICAL9.8ten sam produkt

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may ...

CVE-2023-0207HIGH7.5ten sam produkt

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at run...

CVE-2023-0200HIGH7.5ten sam produkt

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can...

CVE-2023-0209HIGH8.2ten sam produkt

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code execute...