CVE-2022-22821

2LOW

Key Information:

Vendor: Nvidia
Status: Nemo
Vendor: CVE Published:; 10 January 2022

Summary

NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.

References

https://github.com/NVIDIA/NeMo/security/advisories/GHSA-r...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2022
Vulnerability Reserved
Jan 8, 2022