Vulnerabilites related to intel - oneapi_data_analytics_library
CVE-2023-28823 (GCVE-0-2023-28823)
Vulnerability from cvelistv5
Published
2023-08-11 02:37
Modified
2024-10-15 19:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) oneAPI Toolkit and component software installers |
Version: before version 4.3.1.493 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:51:38.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", "tags": [ "x_transferred" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-28823", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T19:05:28.498960Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T19:05:50.922Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Intel(R) oneAPI Toolkit and component software installers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 4.3.1.493" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en" }, { "cweId": "CWE-427", "description": "Uncontrolled search path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-11T02:37:17.988Z", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html" } ] } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2023-28823", "datePublished": "2023-08-11T02:37:17.988Z", "dateReserved": "2023-04-07T03:00:04.506Z", "dateUpdated": "2024-10-15T19:05:50.922Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-25905 (GCVE-0-2022-25905)
Vulnerability from cvelistv5
Published
2023-02-16 19:59
Modified
2025-01-27 18:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) oneAPI Data Analytics Library (oneDAL) for Intel(R) oneAPI Base Toolkit |
Version: before version 2021.5 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:49:44.152Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html", "tags": [ "x_transferred" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-25905", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-27T17:30:40.608996Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-27T18:24:40.737Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Intel(R) oneAPI Data Analytics Library (oneDAL) for Intel(R) oneAPI Base Toolkit", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 2021.5" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-16T19:59:47.318Z", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html", "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html" } ] } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2022-25905", "datePublished": "2023-02-16T19:59:47.318Z", "dateReserved": "2022-03-09T23:14:09.691Z", "dateUpdated": "2025-01-27T18:24:40.737Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-27391 (GCVE-0-2023-27391)
Vulnerability from cvelistv5
Published
2023-08-11 02:37
Modified
2024-10-15 15:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-284 - Improper access control
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) oneAPI Toolkit and component software installers |
Version: before version 4.3.1.493 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:09:43.368Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", "tags": [ "x_transferred" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-27391", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T15:08:31.237109Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T15:08:54.960Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Intel(R) oneAPI Toolkit and component software installers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 4.3.1.493" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en" }, { "cweId": "CWE-284", "description": "Improper access control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-11T02:37:17.469Z", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html" } ] } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2023-27391", "datePublished": "2023-08-11T02:37:17.469Z", "dateReserved": "2023-04-07T03:00:04.388Z", "dateUpdated": "2024-10-15T15:08:54.960Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-22355 (GCVE-0-2023-22355)
Vulnerability from cvelistv5
Published
2023-05-10 13:17
Modified
2025-01-24 17:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) oneAPI Toolkit and component software installers |
Version: before version 4.3.0.251 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:07:06.156Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html", "tags": [ "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-22355", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-24T17:36:23.211884Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-24T17:36:46.630Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Intel(R) oneAPI Toolkit and component software installers", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before version 4.3.0.251" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "escalation of privilege", "lang": "en" }, { "cweId": "CWE-427", "description": "Uncontrolled search path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-10T13:17:14.480Z", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html" } ] } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2023-22355", "datePublished": "2023-05-10T13:17:14.480Z", "dateReserved": "2023-01-07T04:00:03.309Z", "dateUpdated": "2025-01-24T17:36:46.630Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2023-05-10 14:15
Modified
2024-11-21 07:44
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*", "matchCriteriaId": "ACFF62CB-DC95-4A03-8886-E3DE682ECF45", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:cpu_runtime:*:*:*:*:*:opencl:*:*", "matchCriteriaId": "65B36180-4945-4A43-B2AD-B917C6FA052C", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:*", "matchCriteriaId": "1CF57C55-C87E-428C-9634-158AA00C4717", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFA35C90-15A8-492A-82AA-EB90B5A64CC3", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B39BDDD-5AED-4E02-A856-330F54E7660A", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "0160EA22-BD65-4674-97A0-D10CE4171895", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "3CC2A97B-1E5D-4076-BC33-2137275B80EB", "versionEndExcluding": "1.18.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*", "matchCriteriaId": "FDDBD13A-D43F-4855-912A-D1AD78C42B63", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*", "matchCriteriaId": "1200A0B0-FE28-424D-B225-5A9FBA381F59", "versionEndExcluding": "2021.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*", "matchCriteriaId": "92634595-EBED-490B-8C5D-E0628B5671C1", "versionEndExcluding": "2021.6.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "73AD7DE0-4634-4760-863D-705CEFF0D531", "versionEndExcluding": "2021.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "77F68C74-6AEB-4586-A9A1-2AA4CABC992D", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DDFCC4E-E137-40BA-B6A3-9650D8FB9DA9", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "12E76EDE-CA0D-4861-80EE-A7A860F2F6AE", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "91F934F2-5D53-449D-8033-31C01BF99A1E", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF697BE5-6DDE-40AD-853F-CA1C05638E1C", "versionEndExcluding": "2022.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96", "versionEndExcluding": "2023.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0726E01-A9D7-4D32-92C5-4D7673A7DDC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "04049E09-EA46-4270-844A-722AD33E9305", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "42A7BFFF-DEB1-42F4-984F-3462DEF40A41", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "9962AA12-66F5-4545-88FE-2EF3A671E904", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*", "matchCriteriaId": "85C9E5C6-95FA-4C62-B18A-13FAE13E3AD5", "versionEndExcluding": "2021.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installers:*:*:*:*:*:*:*:*", "matchCriteriaId": "850130A2-4C4D-4E0A-A5B6-62619B673290", "versionEndExcluding": "4.3.0.251", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "06201FF4-6ED4-4E41-A356-738A4E5F8AEC", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*", "matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B", "versionEndExcluding": "1.4.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D7C18F6-10F1-49DC-93BC-C5A0A170F404", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*", "matchCriteriaId": "0DA13265-18CF-46A0-89FE-2249E9DAF597", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BABB997-985A-4BAC-93CA-FB7CD0CE545F", "versionEndExcluding": "2023.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8", "versionEndExcluding": "2021.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "B852D3CA-B710-4686-9414-5D0FDEF0C4B3", "versionEndExcluding": "2023.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "id": "CVE-2023-22355", "lastModified": "2024-11-21T07:44:37.140", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "secure@intel.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-05-10T14:15:27.240", "references": [ { "source": "secure@intel.com", "tags": [ "Vendor Advisory" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html" } ], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-427" } ], "source": "secure@intel.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-427" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-02-16 20:15
Modified
2024-11-21 06:53
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
intel | oneapi_data_analytics_library | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F721AD0-F72C-4152-B62F-173D9E8FE22C", "versionEndExcluding": "2021.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "id": "CVE-2022-25905", "lastModified": "2024-11-21T06:53:11.843", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "secure@intel.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-02-16T20:15:12.440", "references": [ { "source": "secure@intel.com", "tags": [ "Vendor Advisory" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html" } ], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-427" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 07:56
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*", "matchCriteriaId": "2193AD3C-C7CF-47BC-B9C7-043A44263881", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*", "matchCriteriaId": "268A0E9F-941F-4D2A-821D-4D1032458484", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*", "matchCriteriaId": "01C06498-09B0-434E-A9AB-F90225AEDF94", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "5449D057-151E-49F1-A4F3-9B59BCABAAED", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA34171F-6851-4C68-B9DD-E087DA9CD29D", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB6F5C5E-9330-4957-899F-EA81A7829FCE", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "309CC033-7419-45B0-B57E-EDB855D6ED8D", "versionEndExcluding": "1.19.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2EFA075-DD70-416E-9591-827FAC2AD89F", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD85FB58-421A-4959-97BD-437D9445767B", "versionEndExcluding": "2021.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*", "matchCriteriaId": "A27AABCE-03AA-4A04-8950-A7B3AA41829C", "versionEndExcluding": "2021.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "09DEC669-B8A6-4E41-B34C-F6D2F710D96F", "versionEndExcluding": "2021.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9B0E003-2303-4BAA-AAB5-E41672DD36A8", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB4E3234-E4F4-4A1A-92C8-7A71741A2280", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "86839DB5-6A37-456F-8527-E1D6CFF9592D", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*", "matchCriteriaId": "4F404777-A45E-4D04-A459-20440919DA6F", "versionEndExcluding": "2022.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "140E6A32-DD35-4BD9-8810-26359D76FEB7", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F00829C-D33E-4BF6-A699-16C4E7A9E95B", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*", "matchCriteriaId": "72297C84-0B91-4D8E-A87F-235E3DC346E1", "versionEndExcluding": "2021.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BFF1F97-F77D-496F-97F4-E2A706B6AB33", "versionEndExcluding": "4.3.1.493", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*", "matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B", "versionEndExcluding": "1.4.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "0158081D-D9FD-4918-ADCF-70AB92230B99", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*", "matchCriteriaId": "D02EF185-A6E6-4820-A084-60AD061283A7", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB7158BB-56CF-40BA-85CF-0B622CC49617", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*", "matchCriteriaId": "F034E3C1-6FA9-4F75-80AE-98857F323AA2", "versionEndExcluding": "2021.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*", "matchCriteriaId": "21CFEA3C-4017-44FB-9A25-193FE8D65375", "versionEndExcluding": "2023.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access." } ], "id": "CVE-2023-28823", "lastModified": "2024-11-21T07:56:05.053", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "secure@intel.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-11T03:15:26.530", "references": [ { "source": "secure@intel.com", "tags": [ "Vendor Advisory" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html" } ], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-427" } ], "source": "secure@intel.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-427" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 07:52
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*", "matchCriteriaId": "2193AD3C-C7CF-47BC-B9C7-043A44263881", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*", "matchCriteriaId": "268A0E9F-941F-4D2A-821D-4D1032458484", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*", "matchCriteriaId": "01C06498-09B0-434E-A9AB-F90225AEDF94", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "5449D057-151E-49F1-A4F3-9B59BCABAAED", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA34171F-6851-4C68-B9DD-E087DA9CD29D", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB6F5C5E-9330-4957-899F-EA81A7829FCE", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "309CC033-7419-45B0-B57E-EDB855D6ED8D", "versionEndExcluding": "1.19.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2EFA075-DD70-416E-9591-827FAC2AD89F", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD85FB58-421A-4959-97BD-437D9445767B", "versionEndExcluding": "2021.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*", "matchCriteriaId": "A27AABCE-03AA-4A04-8950-A7B3AA41829C", "versionEndExcluding": "2021.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "09DEC669-B8A6-4E41-B34C-F6D2F710D96F", "versionEndExcluding": "2021.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9B0E003-2303-4BAA-AAB5-E41672DD36A8", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB4E3234-E4F4-4A1A-92C8-7A71741A2280", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*", "matchCriteriaId": "86839DB5-6A37-456F-8527-E1D6CFF9592D", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*", "matchCriteriaId": "4F404777-A45E-4D04-A459-20440919DA6F", "versionEndExcluding": "2022.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "140E6A32-DD35-4BD9-8810-26359D76FEB7", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F00829C-D33E-4BF6-A699-16C4E7A9E95B", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*", "matchCriteriaId": "72297C84-0B91-4D8E-A87F-235E3DC346E1", "versionEndExcluding": "2021.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BFF1F97-F77D-496F-97F4-E2A706B6AB33", "versionEndExcluding": "4.3.1.493", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*", "matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B", "versionEndExcluding": "1.4.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "0158081D-D9FD-4918-ADCF-70AB92230B99", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*", "matchCriteriaId": "D02EF185-A6E6-4820-A084-60AD061283A7", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB7158BB-56CF-40BA-85CF-0B622CC49617", "versionEndExcluding": "2023.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*", "matchCriteriaId": "F034E3C1-6FA9-4F75-80AE-98857F323AA2", "versionEndExcluding": "2021.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*", "matchCriteriaId": "21CFEA3C-4017-44FB-9A25-193FE8D65375", "versionEndExcluding": "2023.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access." } ], "id": "CVE-2023-27391", "lastModified": "2024-11-21T07:52:48.887", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "secure@intel.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-08-11T03:15:21.893", "references": [ { "source": "secure@intel.com", "tags": [ "Vendor Advisory" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html" } ], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "secure@intel.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }