NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of the user login session, leading to the possibility that the user’s account is compromised. This may lead to the targeted user’s data being accessed, altered, or lost.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5199 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: nvidia
Published: 2021-06-25T19:25:10
Updated: 2021-07-13T11:12:55
Reserved: 2020-11-12T00:00:00
Link: CVE-2021-1073
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-25T20:15:08.190
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-1073
JSON object: View
Redhat Information
No data.
CWE