Lucene search

[email protected]CVE-2023-0203

HistoryApr 22, 2023 - 3:15 a.m.

CVE-2023-0203

2023-04-2203:15:09

CWE-1220

[email protected]

web.nvd.nist.gov

cve-2023-0203

nvidia

connectx-5

connectx-6

connectx6-dx

nic firmware

vulnerability

unprivileged user

denial of service

7.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

JSON

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service.

Affected configurations

NVD

Node

nvidiaconnectx_firmwareRange<35.1012

AND

nvidiaconnectx-5Match-

nvidiaconnectx-6Match-

nvidiaconnectx-6-dxMatch-

CPENameOperatorVersion
nvidia:connectx_firmwarenvidia connectx firmwarelt35.1012

CPE	Name	Operator	Version
nvidia:connectx_firmware	nvidia connectx firmware	lt	35.1012

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "NVIDIA ConnectX Firmware",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 35.1012"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5459

7.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

JSON

Related for CVE-2023-0203

nvd1 cvelist1 prion1 nvidia1