Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Link | Resource |
---|---|
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html | Vendor Advisory |
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html | Vendor Advisory |
Configurations
History
21 Nov 2024, 06:53
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
References | () http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html - Vendor Advisory |
28 Feb 2023, 19:19
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-427 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
References | (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html - Vendor Advisory | |
CPE | cpe:2.3:a:intel:oneapi_collective_communications_library:*:*:*:*:*:*:*:* |
17 Feb 2023, 12:52
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-16 20:15
Updated : 2024-11-21 06:53
NVD link : CVE-2022-26425
Mitre link : CVE-2022-26425
CVE.ORG link : CVE-2022-26425
JSON object : View
Products Affected
intel
- oneapi_collective_communications_library
CWE
CWE-427
Uncontrolled Search Path Element