Lucene search
NvidiaCVELIST:CVE-2023-25519HistorySep 12, 2023 - 12:49 a.m.
CVE-2023-25519
2023-09-1200:49:21
CWE-286
nvidia
www.cve.org
3
nvidia
connectx
firmware
vulnerability
bluefield
data processing unit
user management error
escalation of privileges
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "BlueField 1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions after 18.24.1000"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BlueField 2 LTS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 24.35.3006"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BlueField 2 GA",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 24.38.1002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BlueField 3 GA",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 32.38.1002"
}
]
}
]Related
cve
cve
CVE-2023-25519
2023-09-12 02:15:10
nvidia
nvidia
Security Bulletin: NVIDIA BlueField Data Processing Unit - September 2023
2023-09-06 00:00:00
prion
prion
Design/Logic Flaw
2023-09-12 02:15:00
nvd
nvd
CVE-2023-25519
2023-09-12 02:15:10
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2023-25519