Description
NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
CVSS breakdown
CVSS 3.1
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
High
Availability
High
Affected products
- NVIDIA / BlueField 1All versions prior to 18.31.1014 – All versions prior to 18.31.1014
- NVIDIA / BlueField GAAll versions prior to xx.41.1000 – All versions prior to xx.41.1000
- NVIDIA / BlueField LTS22All versions prior to xx.35.4030 – All versions prior to xx.35.4030
- NVIDIA / BlueField LTS23All versions prior to xx.39.3560 – All versions prior to xx.39.3560
- NVIDIA / ConnectX4All versions prior to 12.28.2302 – All versions prior to 12.28.2302
- NVIDIA / ConnectX4 LXAll versions prior to xx.32.1900 – All versions prior to xx.32.1900
- NVIDIA / ConnectX GAAll versions prior to xx.41.1000 – All versions prior to xx.41.1000
- NVIDIA / ConnectX LTS22All versions prior to xx.35.4030 – All versions prior to xx.35.4030
- NVIDIA / ConnectX LTS23All versions prior to xx.39.3560 – All versions prior to xx.39.3560