Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Link | Resource |
---|---|
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html | Vendor Advisory |
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:56
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
References | () http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - Vendor Advisory |
18 Aug 2023, 15:03
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:* cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:* cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:* cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_dpc\+\+_library_\(onedpl\):*:*:*:*:*:*:*:* cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:* cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:* cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:* cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:* cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:* |
|
References | (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
CWE | CWE-427 |
11 Aug 2023, 03:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-11 03:15
Updated : 2024-11-21 07:56
NVD link : CVE-2023-28823
Mitre link : CVE-2023-28823
CVE.ORG link : CVE-2023-28823
JSON object : View
Products Affected
intel
- oneapi_dpc\+\+_library_\(onedpl\)
- mpi_library
- ospray_studio
- dpc\+\+_compatibility_tool
- advisor_for_oneapi
- open_image_denoise
- oneapi_rendering_toolkit
- oneapi_deep_neural_network_library
- oneapi_base_toolkit
- ospray
- distribution_for_python_programming_language
- oneapi_hpc_toolkit
- integrated_performance_primitives
- embree_ray_tracing_kernel_library
- cpu_runtime_for_opencl_applications
- inspector_for_oneapi
- oneapi_video_processing_library
- oneapi_threading_building_blocks
- oneapi_iot_toolkit
- trace_analyzer_and_collector
- ipp_cryptography
- oneapi_dpc\+\+\/c\+\+_compiler
- vtune_profiler_for_oneapi
- implicit_spmd_program_compiler
- oneapi_data_analytics_library
- open_volume_kernel_library
- oneapi_toolkit_and_component_software_installer
- fortran_compiler
- oneapi_math_kernel_library
CWE
CWE-427
Uncontrolled Search Path Element