Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Vulnerability Type
通过时间差异性导致的信息暴露
Vulnerability Title
NVIDIA DGX 安全漏洞
Vulnerability Description
NVIDIA DGX是美国英伟达(NVIDIA)公司的一款应用于深度学习的高性能工作站。 NVIDIA DGX H100存在安全漏洞,该漏洞源于KVM服务存在安全漏洞,允许未经身份验证的攻击者通过观察服务器响应的时间差异来导致其他用户的会话令牌泄漏。
CVSS Information
N/A
Vulnerability Type
N/A