Access Control Flaw in NVIDIA ConnectX Network Interface Cards
CVE-2023-0203

5MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Connectx Firmware
Vendor: CVE Published:; 22 April 2023

Summary

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX products have a vulnerability that allows an unprivileged user to exploit insufficient granularity in access control. This flaw can potentially lead to a denial of service, impacting the stability and reliability of systems that rely on these network interface cards.

Affected Version(s)

NVIDIA ConnectX Firmware All versions prior to 35.1012

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5459

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 22, 2023
Vulnerability Reserved
Jan 11, 2023