CVE Vulnerabilities

CVE-2022-21817

Published: Feb 02, 2022 | Modified: Jul 24, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.

Affected Software

Name Vendor Start Version End Version
Omniverse_launcher Nvidia * 1.5.2 (excluding)

References