CVE-2021-34398
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality and integrity, and complete denial of service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NVIDIA | NVIDIA Data Center GPU Manager (DCGM) | DCGM versions prior to 2.2.9 | affected |
Weaknesses
- information disclosure, denial of service, loss of integrity
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.