CVE-2023-31037
7.2HIGH
Key Information
- Vendor
- NVIDIA
- Status
- Bluefield 2 DPU BMC, BlueField 3 DPU BMC
- Vendor
- CVE Published:
- 24 January 2024
Summary
NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS.
Affected Version(s)
Bluefield 2 DPU BMC, BlueField 3 DPU BMC = LTS:2.8.2-46, 23.04, 23.07, 23.09
Refferences
CVSS V3.1
Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database