CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23243 – NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-23243
11 Mar 2025 — NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service. This vulnerability allows remote attackers to bypass authentication on affected installations of NVIDIA Riva. Authentication is not required to exploit this vulnerability. The specific flaw exists within the riva_quickstart component. The issue results from the lack of authentication prior to allowing access to functiona... • https://nvidia.custhelp.com/app/answers/detail/a_id/5625 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23242 – NVIDIA Riva Triton Inference Server Missing Authentication Vulnerability
https://notcve.org/view.php?id=CVE-2025-23242
11 Mar 2025 — NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure. This vulnerability allows remote attackers to access protected functionality on affected installations of NVIDIA Riva. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the Triton Inference Server. The issu... • https://nvidia.custhelp.com/app/answers/detail/a_id/5625 • CWE-284: Improper Access Control •