Lucene search
HistoryApr 22, 2023 - 3:15 a.m.
CVE-2023-0203
nvidia
nic firmware
vulnerability
connectx-5
connectx-6
connectx6-dx
unprivileged users
denial of service
CVSS3
7.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
28.0%
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service.
Affected configurations
Node
nvidiaconnectx_firmwareRange<35.1012
nvidiaconnectx-5Match-
ORnvidiaconnectx-6Match-
ORnvidiaconnectx-6-dxMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nvidia | connectx_firmware | * | cpe:2.3:o:nvidia:connectx_firmware:*:*:*:*:*:*:*:* |
| nvidia | connectx-5 | - | cpe:2.3:h:nvidia:connectx-5:-:*:*:*:*:*:*:* |
| nvidia | connectx-6 | - | cpe:2.3:h:nvidia:connectx-6:-:*:*:*:*:*:*:* |
| nvidia | connectx-6-dx | - | cpe:2.3:h:nvidia:connectx-6-dx:-:*:*:*:*:*:*:* |
Related
prion
prion
Improper access control
2023-04-22 03:15:00
cvelist
cvelist
CVE-2023-0203
2023-04-22 02:24:15
cve
cve
CVE-2023-0203
2023-04-22 03:15:09
nvidia
nvidia
Security Bulletin: NVIDIA ConnectX - April 2023
2023-04-18 00:00:00
CVSS3
7.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
28.0%
Related for NVD:CVE-2023-0203