Lucene search
NvidiaCVELIST:CVE-2023-25519HistorySep 12, 2023 - 12:49 a.m.
CVE-2023-25519
2023-09-1200:49:21
CWE-286
nvidia
www.cve.org
nvidia
connectx
firmware
vulnerability
bluefield
data processing unit
user management error
escalation of privileges
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "BlueField 1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions after 18.24.1000"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BlueField 2 LTS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 24.35.3006"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BlueField 2 GA",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 24.38.1002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BlueField 3 GA",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 32.38.1002"
}
]
}
]Related
cve
cve
CVE-2023-25519
2023-09-12 02:15:10
nvidia
nvidia
Security Bulletin: NVIDIA BlueField Data Processing Unit - September 2023
2023-09-06 00:00:00
prion
prion
Design/Logic Flaw
2023-09-12 02:15:00
nvd
nvd
CVE-2023-25519
2023-09-12 02:15:10
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2023-25519