{
	"data_type" : "CVE",
	"data_format" : "MITRE",
	"data_version" : "4.0",
	"CVE_data_meta" : {
		"ID" : "CVE-2020-11489",
		"ASSIGNER" : "psirt@nvidia.com",
		"STATE" : "PUBLIC"
	},
	"affects" : {
		"vendor" : {
			"vendor_data" : [
				{
					"vendor_name" : "NVIDIA",
					"product" : {
						"product_data" : [
							{
								"product_name" : "NVIDIA DGX Servers",
								"version" : {
									"version_data" : [
										{
											"version_value" : "All DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06"
										}
									]
								}
							}
						]
					}
				}
			]
		}
	},
	"problemtype" : {
		"problemtype_data" : [
			{
				"description" : [
					{
						"lang" : "eng",
						"value" : "information disclosure"
					}
				]
			}
		]
	},
	"references" : {
		"reference_data" : [
			{
				"refsource" : "CONFIRM",
				"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5010",
				"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5010"
			}
		]
	},
	"description" : {
		"description_data" : [
			{
				"lang" : "eng",
				"value" : "NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure."
			}
		]
	}
}