Lucene search

[email protected]NVD:CVE-2022-42284

HistoryJan 13, 2023 - 2:15 a.m.

CVE-2022-42284

2023-01-1302:15:08

CWE-312

[email protected]

web.nvd.nist.gov

nvidia

bmc

user passwords

obfuscated form

database

accessible

host

credentials exposure

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

12.6%

JSON

NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This may lead to a credentials exposure.

Affected configurations

Nvd

Node

nvidiabmcRange<00.19.07

AND

nvidiadgx_a100Match-

VendorProductVersionCPE
nvidiabmc*cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*
nvidiadgx_a100-cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	bmc	*	cpe:2.3:o:nvidia:bmc::::::::
nvidia	dgx_a100	-	cpe:2.3:h:nvidia:dgx_a100:-:::::::*

References

nvidia.custhelp.com/app/answers/detail/a_id/5435

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2022-42284

cvelist1 prion1 cve1 nvidia2