9.3
CVE-2022-21817
- EPSS 0.91%
- Veröffentlicht 02.02.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:45:29
- Quelle psirt@nvidia.com
- CVE-Watchlists
- Unerledigt
LoginNVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Nvidia ≫ Omniverse Launcher Version < 1.5.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.91% | 0.751 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
| psirt@nvidia.com | 9.3 | 2.8 | 5.8 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
|