Resource Management Vulnerability in NVIDIA FLARE Admin Interface
CVE-2022-21822

7.5HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Flare
Vendor: CVE Published:; 17 March 2022

Summary

NVIDIA FLARE has a vulnerability in its admin interface that permits unauthorized attackers to allocate resources without any constraints or throttling. This lack of control can lead to a potential denial of service, rendering the system unavailable for legitimate users.

Affected Version(s)

NVIDIA FLARE All versions prior to 2.0.16

References

https://github.com/NVIDIA/NVFlare/security/advisories/GHS...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 17, 2022
Vulnerability Reserved
Dec 10, 2021