Lucene search
NvidiaCVE-2024-0101HistoryAug 08, 2024 - 5:15 p.m.
CVE-2024-0101
2024-08-0817:15:17
CWE-693
nvidia
web.nvd.nist.gov
28
nvidia mellanox onyx
skyway
metrox-2 metrox-3 xc ipfilter vulnerability denial of service
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.7%
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch. A successful exploit of this vulnerability might lead to denial of service.
Affected configurations
Node
nvidiamlnx-osRange<3.11.2002-
nvidiametrox-2Match-
Node
nvidiamlnx-gwRange<8.1.4400lts
ORnvidiamlnx-gwRange<8.2.2000-
nvidiaskywayMatch-
Node
nvidiaonyxRange<3.10.4402lts
Node
nvidianvda-os_xcRange<18.2.2000
nvidiametrox-3_xcMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nvidia | mlnx-os | * | cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:-:*:*:* |
| nvidia | metrox-2 | - | cpe:2.3:h:nvidia:metrox-2:-:*:*:*:*:*:*:* |
| nvidia | mlnx-gw | * | cpe:2.3:o:nvidia:mlnx-gw:*:*:*:*:lts:*:*:* |
| nvidia | mlnx-gw | * | cpe:2.3:o:nvidia:mlnx-gw:*:*:*:*:-:*:*:* |
| nvidia | skyway | - | cpe:2.3:h:nvidia:skyway:-:*:*:*:*:*:*:* |
| nvidia | onyx | * | cpe:2.3:o:nvidia:onyx:*:*:*:*:lts:*:*:* |
| nvidia | nvda-os_xc | * | cpe:2.3:o:nvidia:nvda-os_xc:*:*:*:*:*:*:*:* |
| nvidia | metrox-3_xc | - | cpe:2.3:h:nvidia:metrox-3_xc:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Mellanox OS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 3.11.1000"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ONYX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 3.10.4300"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Skyway",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 8.2.1000"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Skyway LTS"
],
"product": "Skyway",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 8.1.4300"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MetroX"
],
"product": "MetroX-3 XC",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 18.2.1000"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MetroX"
],
"product": "MetroX-2",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 3.11.1000"
}
]
}
]Related
cvelist
cvelist
CVE-2024-0101
2024-08-08 17:11:07
nvd
nvd
CVE-2024-0101
2024-08-08 17:15:17
vulnrichment
vulnrichment
CVE-2024-0101
2024-08-08 17:11:07
nvidia
nvidia
Security Bulletin: NVIDIA Mellanox OS, ONYX, Skyway, MetroX-3 XC - July 2024
2024-07-23 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.7%
Related for CVE-2024-0101