Skip to main content

Delegated License Service CVE-2026-24241

MEDIUM
Improper Authentication (CWE-287)
2026-02-24 psirt@nvidia.com
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 24, 2026 - 20:27 nvd
MEDIUM 4.3

DescriptionCVE.org

NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker could exploit an improper authentication issue. A successful exploit of this vulnerability might lead to information disclosure.

AnalysisAI

NVIDIA Delegated Licensing Service on all appliance platforms contains an authentication bypass that allows adjacent network attackers to access sensitive information without credentials. The vulnerability requires no user interaction and affects the confidentiality of the service, though no patch is currently available.

Technical ContextAI

Classified as CWE-287 (Improper Authentication). Affects Delegated License Service. NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker could exploit an improper authentication issue. A successful exploit of this vulnerability might lead to information disclosure.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2026-24241 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy