CVE-2021-34398
CVE-2021-34398
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
13 Aug 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality and integrity, and complete denial of service.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
NVIDIA · NVIDIA Data Center GPU Manager (DCGM)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →