CVE-2024-0101

HIGH

Nvidia Mlnx-os < 3.11.2002 - Denial of Service

Title source: rule

Description

NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch. A successful exploit of this vulnerability might lead to denial of service.

References (1)

[Vendor Advisory] https://nvidia.custhelp.com/app/answers/detail/a_id/5559

Scores

CVSS v3 7.5

EPSS 0.0061

EPSS Percentile 69.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-693

Status published

Affected Products (5)

nvidia/mlnx-os < 3.11.2002

nvidia/mlnx-gw < 8.1.4400

nvidia/mlnx-gw < 8.2.2000

nvidia/onyx < 3.10.4402

nvidia/nvda-os_xc < 18.2.2000

Timeline

Published Aug 08, 2024

Tracked Since Feb 18, 2026