Mellanox OS Vulnerability Could Lead to Escalation of Privileges and Information Disclosure
CVE-2024-0113

8.8HIGH

Key Information:

Vendor: Nvidia
Status: Mellanox Os; Skyway; Metrox-3 Xc; Metrox-2
Vendor: CVE Published:; 12 August 2024

What is CVE-2024-0113?

A vulnerability exists in the web support of NVIDIA Mellanox OS and related products, allowing an attacker to exploit a CGI path traversal through a specifically crafted URI. This vulnerability could lead to unauthorized escalation of privileges and potential information disclosure. Organizations utilizing these products should be aware of this vulnerability to mitigate risks associated with unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Mellanox OS Mellanox OS All versions prior to and including 3.11.4000

Mellanox OS Mellanox OS LTS All versions prior to and including 3.11.2200

Mellanox OS Mellanox OS LTS All versions prior to and including 3.10.4400

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5563

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 12, 2024
Vulnerability Reserved
Dec 2, 2023

JSON

Nvidia

What is CVE-2024-0113?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.