CVE-2022-21820 Information

Description

NVIDIA DCGM contains a vulnerability in nvhostengine where a network user can cause detection of error conditions without action which may lead to limited code execution some denial of service escalation of privileges and limited impacts to both data confidentiality and integrity.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Reference

https://nvidia.custhelp.com/app/answers/detail/a_id/5328 http://packetstormsecurity.com/files/167396/NVIDIA-Data-Center-GPU-Manager-Remote-Memory-Corruption.html

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

LOW

Base Severity

6.3