Lucene search
NvidiaCVE-2023-0204HistoryApr 22, 2023 - 3:15 a.m.
CVE-2023-0204
2023-04-2203:15:09
CWE-755
CWE-703
nvidia
web.nvd.nist.gov
28
nvidia
connectx-5
connectx-6
connectx6-dx
nic firmware
vulnerability
denial of service
cve-2023-0204
CVSS3
7.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
AI Score
7.3
Confidence
High
EPSS
0.001
Percentile
33.1%
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service.
Affected configurations
Node
nvidiaconnectx_firmwareRange<35.1012
nvidiaconnectx-5Match-
ORnvidiaconnectx-6Match-
ORnvidiaconnectx-6-dxMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nvidia | connectx_firmware | * | cpe:2.3:o:nvidia:connectx_firmware:*:*:*:*:*:*:*:* |
| nvidia | connectx-5 | - | cpe:2.3:h:nvidia:connectx-5:-:*:*:*:*:*:*:* |
| nvidia | connectx-6 | - | cpe:2.3:h:nvidia:connectx-6:-:*:*:*:*:*:*:* |
| nvidia | connectx-6-dx | - | cpe:2.3:h:nvidia:connectx-6-dx:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "NVIDIA ConnectX Firmware",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 35.1012"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2023-04-22 03:15:00
cvelist
cvelist
CVE-2023-0204
2023-04-22 02:24:54
nvd
nvd
CVE-2023-0204
2023-04-22 03:15:09
nvidia
nvidia
Security Bulletin: NVIDIA ConnectX - April 2023
2023-04-18 00:00:00
CVSS3
7.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
AI Score
7.3
Confidence
High
EPSS
0.001
Percentile
33.1%
Related for CVE-2023-0204