Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Link | Resource |
---|---|
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
19 May 2023, 13:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-427 | |
CPE | cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:* cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:cpu_runtime:*:*:*:*:*:opencl:*:* cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:* cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:* cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:* cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installers:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.0.0:*:*:*:*:*:*:* cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:* cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:* |
|
References | (MISC) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html - Vendor Advisory | |
First Time |
Intel integrated Performance Primitives
Intel oneapi Rendering Toolkit Intel trace Analyzer And Collector Intel vtune Profiler Intel inspector Intel oneapi Video Processing Library Intel cpu Runtime Intel embree Ray Tracing Kernel Library Intel distribution For Python Intel integrated Performance Primitives Cryptography Intel oneapi Iot Toolkit Intel oneapi Base Toolkit Intel ospray Studio Intel oneapi Deep Neural Network Library Intel Intel advisor Intel dpc\+\+ Compatibility Tool Intel ospray Intel mpi Library Intel oneapi Data Analytics Library Intel oneapi Math Kernel Library Intel open Volume Kernel Library Intel fortran Compiler Intel oneapi Toolkit And Component Software Installers Intel implicit Spmd Program Compiler Intel open Image Denoise Intel oneapi Hpc Toolkit Intel oneapi Dpc\+\+\/c\+\+ Compiler Intel oneapi Threading Building Blocks Intel oneapi Dpc\+\+ Library |
10 May 2023, 14:38
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-10 14:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-22355
Mitre link : CVE-2023-22355
CVE.ORG link : CVE-2023-22355
JSON object : View
Products Affected
intel
- advisor
- oneapi_dpc\+\+\/c\+\+_compiler
- cpu_runtime
- ospray
- trace_analyzer_and_collector
- oneapi_toolkit_and_component_software_installers
- oneapi_base_toolkit
- distribution_for_python
- oneapi_math_kernel_library
- inspector
- oneapi_threading_building_blocks
- oneapi_data_analytics_library
- oneapi_dpc\+\+_library
- fortran_compiler
- embree_ray_tracing_kernel_library
- oneapi_deep_neural_network_library
- vtune_profiler
- integrated_performance_primitives
- oneapi_rendering_toolkit
- open_image_denoise
- oneapi_iot_toolkit
- dpc\+\+_compatibility_tool
- implicit_spmd_program_compiler
- open_volume_kernel_library
- integrated_performance_primitives_cryptography
- ospray_studio
- oneapi_video_processing_library
- oneapi_hpc_toolkit
- mpi_library
CWE
CWE-427
Uncontrolled Search Path Element