Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Link | Resource |
---|---|
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Aug 2023, 15:03
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
CWE | CWE-427 | |
CPE | cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:* cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:* cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:* cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+_library_\(onedpl\):*:*:*:*:*:*:*:* cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:* cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:* cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:* |
11 Aug 2023, 03:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-11 03:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-28823
Mitre link : CVE-2023-28823
CVE.ORG link : CVE-2023-28823
JSON object : View
Products Affected
intel
- embree_ray_tracing_kernel_library
- dpc\+\+_compatibility_tool
- inspector_for_oneapi
- implicit_spmd_program_compiler
- mpi_library
- oneapi_math_kernel_library
- ospray
- oneapi_hpc_toolkit
- oneapi_video_processing_library
- cpu_runtime_for_opencl_applications
- fortran_compiler
- distribution_for_python_programming_language
- oneapi_toolkit_and_component_software_installer
- oneapi_rendering_toolkit
- trace_analyzer_and_collector
- ospray_studio
- oneapi_data_analytics_library
- oneapi_base_toolkit
- oneapi_dpc\+\+\/c\+\+_compiler
- integrated_performance_primitives
- oneapi_dpc\+\+_library_\(onedpl\)
- ipp_cryptography
- open_volume_kernel_library
- oneapi_iot_toolkit
- oneapi_deep_neural_network_library
- advisor_for_oneapi
- open_image_denoise
- vtune_profiler_for_oneapi
- oneapi_threading_building_blocks
CWE
CWE-427
Uncontrolled Search Path Element