CVE-2023-0205

Published Apr 22, 2023

Last updated 2 years ago

Overview

Description
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service.
Source
psirt@nvidia.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.7
Impact score
4
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
NVD-CWE-Other
psirt@nvidia.com
CWE-1220

Social media

Hype score
Not currently trending

Configurations