Lucene search

[email protected]NVD:CVE-2022-42275

HistoryJan 13, 2023 - 1:15 a.m.

CVE-2022-42275

2023-01-1301:15:09

CWE-306

CWE-288

[email protected]

web.nvd.nist.gov

nvidia

bmc

ipmi

spi flash

unauthenticated

secureboot

integrity

denial of service

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS

Percentile

12.6%

JSON

NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service.

Affected configurations

Nvd

Node

nvidiadgx_a100Match-

AND

nvidiabmcRange<00.19.07

VendorProductVersionCPE
nvidiadgx_a100-cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*
nvidiabmc*cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	dgx_a100	-	cpe:2.3:h:nvidia:dgx_a100:-:::::::*
nvidia	bmc	*	cpe:2.3:o:nvidia:bmc::::::::

References

nvidia.custhelp.com/app/answers/detail/a_id/5435

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2022-42275

prion1 cvelist1 cve1 nvidia2