Lucene search
HistoryAug 08, 2024 - 6:15 p.m.
CVE-2024-0104
nvidia mellanox onyx skyway
metrox-2
metrox-3 xc ldap aaa vulnerability
information disclosure
data tampering
privileges escalation
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
20.0%
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. A successful exploit of this vulnerability might lead to information disclosure, data tampering, and escalation of privileges.
Affected configurations
Node
nvidiamlnx-osRange<3.11.2002-
ORnvidiamlnx-osRange<3.11.2202lts
nvidiametrox-2Match-
Node
nvidiamlnx-gwRange<8.2.2202-
nvidiaskywayMatch-
Node
nvidiaonyxRange<3.10.4402lts
Node
nvidianvda-os_xcRange<18.2.2000
nvidiametrox-3_xcMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nvidia | mlnx-os | * | cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:-:*:*:* |
| nvidia | mlnx-os | * | cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:lts:*:*:* |
| nvidia | metrox-2 | - | cpe:2.3:h:nvidia:metrox-2:-:*:*:*:*:*:*:* |
| nvidia | mlnx-gw | * | cpe:2.3:o:nvidia:mlnx-gw:*:*:*:*:-:*:*:* |
| nvidia | skyway | - | cpe:2.3:h:nvidia:skyway:-:*:*:*:*:*:*:* |
| nvidia | onyx | * | cpe:2.3:o:nvidia:onyx:*:*:*:*:lts:*:*:* |
| nvidia | nvda-os_xc | * | cpe:2.3:o:nvidia:nvda-os_xc:*:*:*:*:*:*:*:* |
| nvidia | metrox-3_xc | - | cpe:2.3:h:nvidia:metrox-3_xc:-:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2024-0104
2024-08-08 18:15:09
cvelist
cvelist
CVE-2024-0104
2024-08-08 17:15:19
vulnrichment
vulnrichment
CVE-2024-0104
2024-08-08 17:15:19
nvidia
nvidia
Security Bulletin: NVIDIA Mellanox OS, ONYX, Skyway, MetroX-3 XC - July 2024
2024-07-23 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
20.0%
Related for NVD:CVE-2024-0104