Vulnerability Details CVE-2020-11487
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may lead to information disclosure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-11487
-
cpe:2.3:h:nvidia:dgx-1:-
-
cpe:2.3:h:nvidia:dgx-2:-
-
cpe:2.3:h:nvidia:dgx_a100:-
-
cpe:2.3:o:intel:bmc_firmware:-
-
cpe:2.3:o:intel:bmc_firmware:1.06.06
-
cpe:2.3:o:intel:bmc_firmware:2.47
-
cpe:2.3:o:intel:bmc_firmware:3.38.30