CVE-2024-28172

Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*

History

06 Sep 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) La ruta de búsqueda no controlada para algunos software Intel(R) Trace Analyzer and Collector anteriores a la versión 2022.1 puede permitir que un usuario autenticado potencialmente habilite la escalada de privilegios a través del acceso local.
References () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html - () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html - Vendor Advisory
CVSS v2 : unknown
v3 : 6.7
v2 : unknown
v3 : 7.3
First Time Intel trace Analyzer And Collector
Intel oneapi Hpc Toolkit
Intel
CPE cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*

14 Aug 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-14 14:15

Updated : 2024-09-06 18:36


NVD link : CVE-2024-28172

Mitre link : CVE-2024-28172

CVE.ORG link : CVE-2024-28172


JSON object : View

Products Affected

intel

  • oneapi_hpc_toolkit
  • trace_analyzer_and_collector
CWE
CWE-427

Uncontrolled Search Path Element