CVE-2024-0101

Published Aug 8, 2024

Last updated 2 months ago

CVSS high 7.5

Overview

Description: NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch. A successful exploit of this vulnerability might lead to denial of service.
Source: psirt@nvidia.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-Other
psirt@nvidia.com: CWE-693

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nvidia:mlnx-os:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D34C04D4-8472-4497-8976-A1336CA1730E",
            "versionEndExcluding": "3.11.2002"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nvidia:metrox-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CBE1921-C790-488B-8B8B-228C4DBC2D7E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nvidia:mlnx-gw:*:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "495C879B-B556-4FF0-9B1A-5196147E8A81",
            "versionEndExcluding": "8.1.4400"
          },
          {
            "criteria": "cpe:2.3:o:nvidia:mlnx-gw:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "353A9872-AFB8-4242-9942-0E7C4383DD7D",
            "versionEndExcluding": "8.2.2000"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nvidia:skyway:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "59E40D6B-8182-4448-A57C-E300F9750A7A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nvidia:onyx:*:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26CF254C-1556-4D77-9423-C4DD973B8CE5",
            "versionEndExcluding": "3.10.4402"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:nvidia:nvda-os_xc:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD3E5FC6-48B3-4911-92EE-258F5FDE40FC",
            "versionEndExcluding": "18.2.2000"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nvidia:metrox-3_xc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5440361F-B691-419C-94F1-B457873463B2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References