Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Nvidia Subscribe
Filtered by product Dgx-1

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11616 2 Intel, Nvidia 2 Bmc Firmware, Dgx-1 2021-07-21 5.0 MEDIUM 7.5 HIGH
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead to information disclosure.
CVE-2020-11489 2 Intel, Nvidia 3 Bmc Firmware, Dgx-1, Dgx-2 2021-07-21 5.0 MEDIUM 7.5 HIGH
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.
CVE-2020-11487 2 Intel, Nvidia 4 Bmc Firmware, Dgx-1, Dgx-2 and 1 more 2020-11-12 5.0 MEDIUM 7.5 HIGH
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may lead to information disclosure.
CVE-2020-11485 2 Intel, Nvidia 2 Bmc Firmware, Dgx-1 2020-11-05 6.8 MEDIUM 8.8 HIGH
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution.
CVE-2020-11615 2 Intel, Nvidia 2 Bmc Firmware, Dgx-1 2020-11-05 5.0 MEDIUM 7.5 HIGH
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.