#VU99496 Permissions, Privileges, and Access Controls in ConnectX Firmware and BlueField - CVE-2024-0105
Published: October 30, 2024
Vulnerability identifier: #VU99496
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-0105
CWE-ID: CWE-264
Exploitation vector: Adjacent network
Exploit availability:
No public exploit available
Vulnerable software:
ConnectX Firmware
BlueField
Software vendor:
nVidia
Description
The vulnerability allows a remote user on the local network to compromise the target system.
The vulnerability exists due to improper handling of insufficient privileges, which leads to denial of service, data tampering and limited information disclosure.
Remediation
Install updates from the vendor's website.