Vulnerabilites related to intel - distribution_for_python_programming_language
cve-2023-27391
Vulnerability from cvelistv5
Published
2023-08-11 02:37
Modified
2024-10-15 15:08
Severity ?
EPSS score ?
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Version: before version 4.3.1.493 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:09:43.368Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", tags: [ "x_transferred", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-27391", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T15:08:31.237109Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T15:08:54.960Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Intel(R) oneAPI Toolkit and component software installers", vendor: "n/a", versions: [ { status: "affected", version: "before version 4.3.1.493", }, ], }, ], descriptions: [ { lang: "en", value: "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "escalation of privilege", lang: "en", }, { cweId: "CWE-284", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-11T02:37:17.469Z", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", }, ], }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2023-27391", datePublished: "2023-08-11T02:37:17.469Z", dateReserved: "2023-04-07T03:00:04.388Z", dateUpdated: "2024-10-15T15:08:54.960Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-28823
Vulnerability from cvelistv5
Published
2023-08-11 02:37
Modified
2024-10-15 19:05
Severity ?
EPSS score ?
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Version: before version 4.3.1.493 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T13:51:38.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", tags: [ "x_transferred", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-28823", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T19:05:28.498960Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T19:05:50.922Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Intel(R) oneAPI Toolkit and component software installers", vendor: "n/a", versions: [ { status: "affected", version: "before version 4.3.1.493", }, ], }, ], descriptions: [ { lang: "en", value: "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "escalation of privilege", lang: "en", }, { cweId: "CWE-427", description: "Uncontrolled search path", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-11T02:37:17.988Z", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", }, ], }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2023-28823", datePublished: "2023-08-11T02:37:17.988Z", dateReserved: "2023-04-07T03:00:04.506Z", dateUpdated: "2024-10-15T19:05:50.922Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 07:56
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*", matchCriteriaId: "2193AD3C-C7CF-47BC-B9C7-043A44263881", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*", matchCriteriaId: "268A0E9F-941F-4D2A-821D-4D1032458484", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*", matchCriteriaId: "01C06498-09B0-434E-A9AB-F90225AEDF94", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "5449D057-151E-49F1-A4F3-9B59BCABAAED", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*", matchCriteriaId: "EA34171F-6851-4C68-B9DD-E087DA9CD29D", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*", matchCriteriaId: "CB6F5C5E-9330-4957-899F-EA81A7829FCE", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*", matchCriteriaId: "309CC033-7419-45B0-B57E-EDB855D6ED8D", versionEndExcluding: "1.19.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*", matchCriteriaId: "B2EFA075-DD70-416E-9591-827FAC2AD89F", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*", matchCriteriaId: "BD85FB58-421A-4959-97BD-437D9445767B", versionEndExcluding: "2021.8", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*", matchCriteriaId: "A27AABCE-03AA-4A04-8950-A7B3AA41829C", versionEndExcluding: "2021.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*", matchCriteriaId: "09DEC669-B8A6-4E41-B34C-F6D2F710D96F", versionEndExcluding: "2021.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "E9B0E003-2303-4BAA-AAB5-E41672DD36A8", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*", matchCriteriaId: "CB4E3234-E4F4-4A1A-92C8-7A71741A2280", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*", matchCriteriaId: "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*", matchCriteriaId: "86839DB5-6A37-456F-8527-E1D6CFF9592D", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "4F404777-A45E-4D04-A459-20440919DA6F", versionEndExcluding: "2022.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "140E6A32-DD35-4BD9-8810-26359D76FEB7", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "2F00829C-D33E-4BF6-A699-16C4E7A9E95B", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*", matchCriteriaId: "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*", matchCriteriaId: "72297C84-0B91-4D8E-A87F-235E3DC346E1", versionEndExcluding: "2021.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFF1F97-F77D-496F-97F4-E2A706B6AB33", versionEndExcluding: "4.3.1.493", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*", matchCriteriaId: "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*", matchCriteriaId: "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B", versionEndExcluding: "1.4.3", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*", matchCriteriaId: "0158081D-D9FD-4918-ADCF-70AB92230B99", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*", matchCriteriaId: "D02EF185-A6E6-4820-A084-60AD061283A7", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*", matchCriteriaId: "FB7158BB-56CF-40BA-85CF-0B622CC49617", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*", matchCriteriaId: "F034E3C1-6FA9-4F75-80AE-98857F323AA2", versionEndExcluding: "2021.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*", matchCriteriaId: "21CFEA3C-4017-44FB-9A25-193FE8D65375", versionEndExcluding: "2023.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], id: "CVE-2023-28823", lastModified: "2024-11-21T07:56:05.053", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "secure@intel.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-11T03:15:26.530", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-427", }, ], source: "secure@intel.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-427", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-08-11 03:15
Modified
2024-11-21 07:52
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*", matchCriteriaId: "2193AD3C-C7CF-47BC-B9C7-043A44263881", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*", matchCriteriaId: "268A0E9F-941F-4D2A-821D-4D1032458484", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*", matchCriteriaId: "01C06498-09B0-434E-A9AB-F90225AEDF94", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "5449D057-151E-49F1-A4F3-9B59BCABAAED", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*", matchCriteriaId: "EA34171F-6851-4C68-B9DD-E087DA9CD29D", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*", matchCriteriaId: "CB6F5C5E-9330-4957-899F-EA81A7829FCE", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*", matchCriteriaId: "309CC033-7419-45B0-B57E-EDB855D6ED8D", versionEndExcluding: "1.19.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*", matchCriteriaId: "B2EFA075-DD70-416E-9591-827FAC2AD89F", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*", matchCriteriaId: "BD85FB58-421A-4959-97BD-437D9445767B", versionEndExcluding: "2021.8", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*", matchCriteriaId: "A27AABCE-03AA-4A04-8950-A7B3AA41829C", versionEndExcluding: "2021.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*", matchCriteriaId: "09DEC669-B8A6-4E41-B34C-F6D2F710D96F", versionEndExcluding: "2021.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "E9B0E003-2303-4BAA-AAB5-E41672DD36A8", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*", matchCriteriaId: "CB4E3234-E4F4-4A1A-92C8-7A71741A2280", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*", matchCriteriaId: "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*", matchCriteriaId: "86839DB5-6A37-456F-8527-E1D6CFF9592D", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "4F404777-A45E-4D04-A459-20440919DA6F", versionEndExcluding: "2022.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "140E6A32-DD35-4BD9-8810-26359D76FEB7", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "2F00829C-D33E-4BF6-A699-16C4E7A9E95B", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*", matchCriteriaId: "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*", matchCriteriaId: "72297C84-0B91-4D8E-A87F-235E3DC346E1", versionEndExcluding: "2021.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFF1F97-F77D-496F-97F4-E2A706B6AB33", versionEndExcluding: "4.3.1.493", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*", matchCriteriaId: "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*", matchCriteriaId: "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B", versionEndExcluding: "1.4.3", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*", matchCriteriaId: "0158081D-D9FD-4918-ADCF-70AB92230B99", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*", matchCriteriaId: "D02EF185-A6E6-4820-A084-60AD061283A7", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*", matchCriteriaId: "FB7158BB-56CF-40BA-85CF-0B622CC49617", versionEndExcluding: "2023.1", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*", matchCriteriaId: "F034E3C1-6FA9-4F75-80AE-98857F323AA2", versionEndExcluding: "2021.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*", matchCriteriaId: "21CFEA3C-4017-44FB-9A25-193FE8D65375", versionEndExcluding: "2023.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.", }, ], id: "CVE-2023-27391", lastModified: "2024-11-21T07:52:48.887", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "secure@intel.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-11T03:15:21.893", references: [ { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "secure@intel.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }