CNNVD-202506-3109 Information

CNNVD ID

CNNVD-202506-3109

Related CVE

CVE-2025-23260

• CNNVD Published: 2025-06-24

Description (Chinese)

NVIDIA AIStore是美国英伟达（NVIDIA）公司的一款为AI应用设计的轻量级存储堆栈。 NVIDIA AIStore存在安全漏洞，该漏洞源于AIS Operator可能允许用户通过ServiceAccount提升k8s集群访问权限，可能导致信息泄露。

Description (English)

NVIDIA AIStore is a lightweight storage stack designed for AI applications by the United States company NVIDIA. NVIDIA AIStore has a security loophole, which stems from the possibility that AIS Operator may allow users to enhance access to the k8s cluster through ServiceAccount, which could lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

NVS365

Published

2025-06-24

Last Modified

2026-02-24

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5660 https://access.redhat.com/security/cve/cve-2025-23260

Patch

https://github.com/NVIDIA/aistore/releases