← back
CVE-2022-42287

CVE-2022-42287

CVSS 6 MEDIUMEPSS 0.2%CWE-22
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
13 Jan 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure and data tampering.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Affected products
NVIDIA · NVIDIA DGX servers

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5435