NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5010 | Vendor Advisory |
https://nvidia.custhelp.com/app/answers/detail/a_id/5010 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://nvidia.custhelp.com/app/answers/detail/a_id/5010 - Vendor Advisory |
Information
Published : 2020-10-29 04:15
Updated : 2024-11-21 04:57
NVD link : CVE-2020-11486
Mitre link : CVE-2020-11486
CVE.ORG link : CVE-2020-11486
JSON object : View
Products Affected
intel
- bmc_firmware
nvidia
- dgx-1
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type