Vulnerabilites related to intel - oneapi_data_analytics_library
CVE-2023-28823 (GCVE-0-2023-28823)
Vulnerability from cvelistv5
Published
2023-08-11 02:37
Modified
2024-10-15 19:05
CWE
  • escalation of privilege
  • CWE-427 - Uncontrolled search path
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
Impacted products
Vendor Product Version
n/a Intel(R) oneAPI Toolkit and component software installers Version: before version 4.3.1.493
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:51:38.696Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28823",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T19:05:28.498960Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T19:05:50.922Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) oneAPI Toolkit and component software installers",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 4.3.1.493"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-427",
              "description": "Uncontrolled search path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-11T02:37:17.988Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
          "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-28823",
    "datePublished": "2023-08-11T02:37:17.988Z",
    "dateReserved": "2023-04-07T03:00:04.506Z",
    "dateUpdated": "2024-10-15T19:05:50.922Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25905 (GCVE-0-2022-25905)
Vulnerability from cvelistv5
Published
2023-02-16 19:59
Modified
2025-01-27 18:24
CWE
  • escalation of privilege
Summary
Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
Impacted products
Vendor Product Version
n/a Intel(R) oneAPI Data Analytics Library (oneDAL) for Intel(R) oneAPI Base Toolkit Version: before version 2021.5
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:44.152Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html",
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-25905",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-27T17:30:40.608996Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-27T18:24:40.737Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) oneAPI Data Analytics Library (oneDAL) for Intel(R) oneAPI Base Toolkit",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 2021.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-16T19:59:47.318Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html",
          "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2022-25905",
    "datePublished": "2023-02-16T19:59:47.318Z",
    "dateReserved": "2022-03-09T23:14:09.691Z",
    "dateUpdated": "2025-01-27T18:24:40.737Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-27391 (GCVE-0-2023-27391)
Vulnerability from cvelistv5
Published
2023-08-11 02:37
Modified
2024-10-15 15:08
CWE
  • escalation of privilege
  • CWE-284 - Improper access control
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
Impacted products
Vendor Product Version
n/a Intel(R) oneAPI Toolkit and component software installers Version: before version 4.3.1.493
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:09:43.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-27391",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T15:08:31.237109Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T15:08:54.960Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) oneAPI Toolkit and component software installers",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 4.3.1.493"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-284",
              "description": "Improper access control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-11T02:37:17.469Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
          "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-27391",
    "datePublished": "2023-08-11T02:37:17.469Z",
    "dateReserved": "2023-04-07T03:00:04.388Z",
    "dateUpdated": "2024-10-15T15:08:54.960Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22355 (GCVE-0-2023-22355)
Vulnerability from cvelistv5
Published
2023-05-10 13:17
Modified
2025-01-24 17:36
CWE
  • escalation of privilege
  • CWE-427 - Uncontrolled search path
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
Impacted products
Vendor Product Version
n/a Intel(R) oneAPI Toolkit and component software installers Version: before version 4.3.0.251
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:06.156Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22355",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-24T17:36:23.211884Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-24T17:36:46.630Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) oneAPI Toolkit and component software installers",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 4.3.0.251"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-427",
              "description": "Uncontrolled search path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-10T13:17:14.480Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-22355",
    "datePublished": "2023-05-10T13:17:14.480Z",
    "dateReserved": "2023-01-07T04:00:03.309Z",
    "dateUpdated": "2025-01-24T17:36:46.630Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2023-05-10 14:15
Modified
2024-11-21 07:44
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*",
              "matchCriteriaId": "ACFF62CB-DC95-4A03-8886-E3DE682ECF45",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:cpu_runtime:*:*:*:*:*:opencl:*:*",
              "matchCriteriaId": "65B36180-4945-4A43-B2AD-B917C6FA052C",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CF57C55-C87E-428C-9634-158AA00C4717",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA35C90-15A8-492A-82AA-EB90B5A64CC3",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B39BDDD-5AED-4E02-A856-330F54E7660A",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0160EA22-BD65-4674-97A0-D10CE4171895",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC2A97B-1E5D-4076-BC33-2137275B80EB",
              "versionEndExcluding": "1.18.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*",
              "matchCriteriaId": "FDDBD13A-D43F-4855-912A-D1AD78C42B63",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1200A0B0-FE28-424D-B225-5A9FBA381F59",
              "versionEndExcluding": "2021.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92634595-EBED-490B-8C5D-E0628B5671C1",
              "versionEndExcluding": "2021.6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73AD7DE0-4634-4760-863D-705CEFF0D531",
              "versionEndExcluding": "2021.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77F68C74-6AEB-4586-A9A1-2AA4CABC992D",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DDFCC4E-E137-40BA-B6A3-9650D8FB9DA9",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12E76EDE-CA0D-4861-80EE-A7A860F2F6AE",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F934F2-5D53-449D-8033-31C01BF99A1E",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF697BE5-6DDE-40AD-853F-CA1C05638E1C",
              "versionEndExcluding": "2022.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96",
              "versionEndExcluding": "2023.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0726E01-A9D7-4D32-92C5-4D7673A7DDC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04049E09-EA46-4270-844A-722AD33E9305",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A7BFFF-DEB1-42F4-984F-3462DEF40A41",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9962AA12-66F5-4545-88FE-2EF3A671E904",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85C9E5C6-95FA-4C62-B18A-13FAE13E3AD5",
              "versionEndExcluding": "2021.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installers:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "850130A2-4C4D-4E0A-A5B6-62619B673290",
              "versionEndExcluding": "4.3.0.251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06201FF4-6ED4-4E41-A356-738A4E5F8AEC",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B",
              "versionEndExcluding": "1.4.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D7C18F6-10F1-49DC-93BC-C5A0A170F404",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DA13265-18CF-46A0-89FE-2249E9DAF597",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BABB997-985A-4BAC-93CA-FB7CD0CE545F",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8",
              "versionEndExcluding": "2021.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B852D3CA-B710-4686-9414-5D0FDEF0C4B3",
              "versionEndExcluding": "2023.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access."
    }
  ],
  "id": "CVE-2023-22355",
  "lastModified": "2024-11-21T07:44:37.140",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "secure@intel.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-05-10T14:15:27.240",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "secure@intel.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-02-16 20:15
Modified
2024-11-21 06:53
Summary
Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
Impacted products
Vendor Product Version
intel oneapi_data_analytics_library *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F721AD0-F72C-4152-B62F-173D9E8FE22C",
              "versionEndExcluding": "2021.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access."
    }
  ],
  "id": "CVE-2022-25905",
  "lastModified": "2024-11-21T06:53:11.843",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "secure@intel.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-02-16T20:15:12.440",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 07:56
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2193AD3C-C7CF-47BC-B9C7-043A44263881",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "268A0E9F-941F-4D2A-821D-4D1032458484",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C06498-09B0-434E-A9AB-F90225AEDF94",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5449D057-151E-49F1-A4F3-9B59BCABAAED",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA34171F-6851-4C68-B9DD-E087DA9CD29D",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB6F5C5E-9330-4957-899F-EA81A7829FCE",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "309CC033-7419-45B0-B57E-EDB855D6ED8D",
              "versionEndExcluding": "1.19.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2EFA075-DD70-416E-9591-827FAC2AD89F",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD85FB58-421A-4959-97BD-437D9445767B",
              "versionEndExcluding": "2021.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A27AABCE-03AA-4A04-8950-A7B3AA41829C",
              "versionEndExcluding": "2021.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09DEC669-B8A6-4E41-B34C-F6D2F710D96F",
              "versionEndExcluding": "2021.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B0E003-2303-4BAA-AAB5-E41672DD36A8",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4E3234-E4F4-4A1A-92C8-7A71741A2280",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86839DB5-6A37-456F-8527-E1D6CFF9592D",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F404777-A45E-4D04-A459-20440919DA6F",
              "versionEndExcluding": "2022.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "140E6A32-DD35-4BD9-8810-26359D76FEB7",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F00829C-D33E-4BF6-A699-16C4E7A9E95B",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72297C84-0B91-4D8E-A87F-235E3DC346E1",
              "versionEndExcluding": "2021.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFF1F97-F77D-496F-97F4-E2A706B6AB33",
              "versionEndExcluding": "4.3.1.493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B",
              "versionEndExcluding": "1.4.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0158081D-D9FD-4918-ADCF-70AB92230B99",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D02EF185-A6E6-4820-A084-60AD061283A7",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7158BB-56CF-40BA-85CF-0B622CC49617",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F034E3C1-6FA9-4F75-80AE-98857F323AA2",
              "versionEndExcluding": "2021.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21CFEA3C-4017-44FB-9A25-193FE8D65375",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access."
    }
  ],
  "id": "CVE-2023-28823",
  "lastModified": "2024-11-21T07:56:05.053",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "secure@intel.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-08-11T03:15:26.530",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "secure@intel.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 07:52
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2193AD3C-C7CF-47BC-B9C7-043A44263881",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "268A0E9F-941F-4D2A-821D-4D1032458484",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C06498-09B0-434E-A9AB-F90225AEDF94",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5449D057-151E-49F1-A4F3-9B59BCABAAED",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA34171F-6851-4C68-B9DD-E087DA9CD29D",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB6F5C5E-9330-4957-899F-EA81A7829FCE",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "309CC033-7419-45B0-B57E-EDB855D6ED8D",
              "versionEndExcluding": "1.19.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2EFA075-DD70-416E-9591-827FAC2AD89F",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD85FB58-421A-4959-97BD-437D9445767B",
              "versionEndExcluding": "2021.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A27AABCE-03AA-4A04-8950-A7B3AA41829C",
              "versionEndExcluding": "2021.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09DEC669-B8A6-4E41-B34C-F6D2F710D96F",
              "versionEndExcluding": "2021.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B0E003-2303-4BAA-AAB5-E41672DD36A8",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4E3234-E4F4-4A1A-92C8-7A71741A2280",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86839DB5-6A37-456F-8527-E1D6CFF9592D",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F404777-A45E-4D04-A459-20440919DA6F",
              "versionEndExcluding": "2022.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "140E6A32-DD35-4BD9-8810-26359D76FEB7",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F00829C-D33E-4BF6-A699-16C4E7A9E95B",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72297C84-0B91-4D8E-A87F-235E3DC346E1",
              "versionEndExcluding": "2021.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFF1F97-F77D-496F-97F4-E2A706B6AB33",
              "versionEndExcluding": "4.3.1.493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B",
              "versionEndExcluding": "1.4.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0158081D-D9FD-4918-ADCF-70AB92230B99",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D02EF185-A6E6-4820-A084-60AD061283A7",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7158BB-56CF-40BA-85CF-0B622CC49617",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F034E3C1-6FA9-4F75-80AE-98857F323AA2",
              "versionEndExcluding": "2021.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21CFEA3C-4017-44FB-9A25-193FE8D65375",
              "versionEndExcluding": "2023.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access."
    }
  ],
  "id": "CVE-2023-27391",
  "lastModified": "2024-11-21T07:52:48.887",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "secure@intel.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-08-11T03:15:21.893",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "secure@intel.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}