NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5563 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
11 Sep 2024, 17:34
Type | Values Removed | Values Added |
---|---|---|
First Time |
Nvidia
Nvidia metrox-2 Nvidia metrox-3 Xc Nvidia skyway Nvidia onyx Nvidia mellanox Os |
|
CPE | cpe:2.3:h:nvidia:metrox-3_xc:*:*:*:*:*:metrox:*:* cpe:2.3:o:nvidia:onyx:*:*:*:*:onyx_lts:*:*:* cpe:2.3:h:nvidia:skyway:*:*:*:*:*:skyway:*:* cpe:2.3:o:nvidia:mellanox_os:*:*:*:*:*:mellanox_os_lts:*:* cpe:2.3:h:nvidia:skyway:*:*:*:*:*:skyway_lts:*:* cpe:2.3:o:nvidia:mellanox_os:*:*:*:*:*:mellanox_os:*:* cpe:2.3:h:nvidia:metrox-2:*:*:*:*:*:metrox:*:* |
|
References | () https://nvidia.custhelp.com/app/answers/detail/a_id/5563 - Vendor Advisory | |
Summary |
|
|
CWE | CWE-22 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
12 Aug 2024, 13:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-12 13:38
Updated : 2024-09-11 17:34
NVD link : CVE-2024-0113
Mitre link : CVE-2024-0113
CVE.ORG link : CVE-2024-0113
JSON object : View
Products Affected
nvidia
- onyx
- metrox-3_xc
- metrox-2
- skyway
- mellanox_os