Vulnerability Description
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Omniverse Launcher | < 1.5.2 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5318Vendor Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5318Vendor Advisory
FAQ
What is CVE-2022-21817?
CVE-2022-21817 is a vulnerability with a CVSS score of 9.3 (CRITICAL). NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire acces...
How severe is CVE-2022-21817?
CVE-2022-21817 has been rated CRITICAL with a CVSS base score of 9.3/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-21817?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Omniverse Launcher, Linux Linux Kernel, Microsoft Windows.