Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2020-11616

Disclosure Date: October 29, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead to information disclosure.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Vendors

  • NVIDIA

Products

  • NVIDIA DGX Servers

Additional Info

Technical Analysis