Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Link | Resource |
---|---|
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Aug 2023, 15:03
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
CWE | CWE-427 | |
First Time |
Intel oneapi Toolkit And Component Software Installer
Intel oneapi Iot Toolkit Intel cpu Runtime For Opencl Applications Intel ospray Intel oneapi Threading Building Blocks Intel ipp Cryptography Intel oneapi Rendering Toolkit Intel open Volume Kernel Library Intel open Image Denoise Intel oneapi Dpc\+\+ Library \(onedpl\) Intel oneapi Base Toolkit Intel mpi Library Intel fortran Compiler Intel ospray Studio Intel embree Ray Tracing Kernel Library Intel Intel vtune Profiler For Oneapi Intel implicit Spmd Program Compiler Intel integrated Performance Primitives Intel advisor For Oneapi Intel oneapi Deep Neural Network Library Intel distribution For Python Programming Language Intel oneapi Video Processing Library Intel trace Analyzer And Collector Intel oneapi Data Analytics Library Intel oneapi Math Kernel Library Intel inspector For Oneapi Intel dpc\+\+ Compatibility Tool Intel oneapi Hpc Toolkit Intel oneapi Dpc\+\+\/c\+\+ Compiler |
|
References | (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - Vendor Advisory | |
CPE | cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:* cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:* cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:* cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:* cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:* cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:* cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+_library_\(onedpl\):*:*:*:*:*:*:*:* cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:* |
11 Aug 2023, 03:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-11 03:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-28823
Mitre link : CVE-2023-28823
CVE.ORG link : CVE-2023-28823
JSON object : View
Products Affected
intel
- cpu_runtime_for_opencl_applications
- oneapi_data_analytics_library
- oneapi_dpc\+\+\/c\+\+_compiler
- oneapi_math_kernel_library
- integrated_performance_primitives
- oneapi_rendering_toolkit
- fortran_compiler
- inspector_for_oneapi
- distribution_for_python_programming_language
- trace_analyzer_and_collector
- oneapi_base_toolkit
- oneapi_threading_building_blocks
- oneapi_dpc\+\+_library_\(onedpl\)
- oneapi_iot_toolkit
- open_image_denoise
- embree_ray_tracing_kernel_library
- oneapi_toolkit_and_component_software_installer
- dpc\+\+_compatibility_tool
- ipp_cryptography
- oneapi_deep_neural_network_library
- oneapi_hpc_toolkit
- ospray_studio
- vtune_profiler_for_oneapi
- mpi_library
- oneapi_video_processing_library
- advisor_for_oneapi
- ospray
- open_volume_kernel_library
- implicit_spmd_program_compiler
CWE
CWE-427
Uncontrolled Search Path Element