Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
| Link | Resource |
|---|---|
| http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Aug 2023, 15:03
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
| CWE | CWE-427 | |
| CPE | cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:* cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:* cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:* cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+_library_\(onedpl\):*:*:*:*:*:*:*:* cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:* cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:* cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:* |
11 Aug 2023, 03:44
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-11 03:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-28823
Mitre link : CVE-2023-28823
CVE.ORG link : CVE-2023-28823
JSON object : View
Products Affected
intel
- embree_ray_tracing_kernel_library
- dpc\+\+_compatibility_tool
- inspector_for_oneapi
- implicit_spmd_program_compiler
- mpi_library
- oneapi_math_kernel_library
- ospray
- oneapi_hpc_toolkit
- oneapi_video_processing_library
- cpu_runtime_for_opencl_applications
- fortran_compiler
- distribution_for_python_programming_language
- oneapi_toolkit_and_component_software_installer
- oneapi_rendering_toolkit
- trace_analyzer_and_collector
- ospray_studio
- oneapi_data_analytics_library
- oneapi_base_toolkit
- oneapi_dpc\+\+\/c\+\+_compiler
- integrated_performance_primitives
- oneapi_dpc\+\+_library_\(onedpl\)
- ipp_cryptography
- open_volume_kernel_library
- oneapi_iot_toolkit
- oneapi_deep_neural_network_library
- advisor_for_oneapi
- open_image_denoise
- vtune_profiler_for_oneapi
- oneapi_threading_building_blocks
CWE
CWE-427
Uncontrolled Search Path Element