IPMI Handler Vulnerability in NVIDIA BMC
CVE-2022-42288
5.3MEDIUM
Summary
A vulnerability exists in the IPMI handler of NVIDIA BMC that allows unauthorized attackers to exploit certain oracles to deduce a valid BMC username, potentially leading to sensitive information being disclosed. This security flaw raises significant concerns regarding the integrity of systems utilizing NVIDIA BMC, underscoring the need for timely updates and mitigations.
Affected Version(s)
NVIDIA DGX servers All BMC firmware versions prior to 00.19.07
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved