Search criteria
66 vulnerabilities found for trace_analyzer_and_collector by intel
FKIE_CVE-2024-28172
Vulnerability from fkie_nvd - Published: 2024-08-14 14:15 - Updated: 2024-09-06 18:36
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | oneapi_hpc_toolkit | * | |
| intel | trace_analyzer_and_collector | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9196A19-04EC-4003-A972-F122359FE263",
"versionEndExcluding": "2024.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "863038B9-7A66-4B54-86A8-4FFABE20A8BA",
"versionEndExcluding": "2022.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "La ruta de b\u00fasqueda no controlada para algunos software Intel(R) Trace Analyzer and Collector anteriores a la versi\u00f3n 2022.1 puede permitir que un usuario autenticado potencialmente habilite la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2024-28172",
"lastModified": "2024-09-06T18:36:10.863",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-08-14T14:15:25.280",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-35121
Vulnerability from fkie_nvd - Published: 2024-02-14 14:16 - Updated: 2026-01-14 18:13
Severity ?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | advisor | * | |
| intel | cluster_checker | 2021.7.3 | |
| intel | distribution_for_python | 2023.1 | |
| intel | inspector | * | |
| intel | integrated_performance_primitives | 2021.9 | |
| intel | integrated_performance_primitives_cryptography | * | |
| intel | mpi_library | * | |
| intel | oneapi_ai_analytics_toolkit | 2023.2 | |
| intel | oneapi_base_toolkit | * | |
| intel | oneapi_base_toolkit | 2023.2 | |
| intel | oneapi_deep_neural_network | * | |
| intel | oneapi_deep_neural_network | 2023.2 | |
| intel | oneapi_hpc_toolkit | 2023.2 | |
| intel | oneapi_iot_toolkit | 2023.2 | |
| intel | oneapi_math_kernel_library | * | |
| intel | threading_building_blocks | * | |
| intel | trace_analyzer_and_collector | 2021.10.0 | |
| intel | vtune_profiler | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F19FC1B-ABBC-4AD1-A3EF-FEF6CA6DF90C",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cluster_checker:2021.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "535F8418-033A-4EAC-9E9B-2BBA83CB885B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2023.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7A8ABC-B220-46D2-A6CE-FDEE08388C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8676B2-8B07-4489-AE24-5AFF7B318E73",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2021.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2EE063-5A38-40DD-A2C3-BF10664085AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA1F6A6-E2FC-4243-81E3-2E8CA4AA4CD2",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B7FC0C-D3DA-40A2-8D69-2056656F84A0",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B6BCCB-F33F-49B6-B87B-CC93E30C82B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7E4E29-75C3-4B97-AB86-C82A3214D558",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11501F04-FAA8-44F9-BD4F-105458A6252B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6DA864-1A74-4706-832B-2D8453A55D06",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76639D6F-2583-455B-8A0E-7B412C18C485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2D9438-CC9E-4070-97E6-6300064CF136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "776C3236-F480-446D-93ED-E1A8D9CBA108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF32E88-710F-4622-AC69-4E6A04B8F9D4",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD857AA-0809-464A-A0FF-13CF527A83AE",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2021.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68072344-62DC-40C5-9704-1ABCF20E1701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:-:*:*",
"matchCriteriaId": "ABB740DA-24E8-44DF-9E15-C12BD497AFE6",
"versionEndExcluding": "2023.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
},
{
"lang": "es",
"value": "El control de acceso inadecuado en algunos software del compilador Intel(R) oneAPI DPC++/C++ anterior a la versi\u00f3n 2023.2.1 puede permitir que el usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-35121",
"lastModified": "2026-01-14T18:13:19.650",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-02-14T14:16:00.123",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-29162
Vulnerability from fkie_nvd - Published: 2024-02-14 14:15 - Updated: 2026-01-14 18:27
Severity ?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | advisor | * | |
| intel | cluster_checker | 2021.7.3 | |
| intel | distribution_for_python | 2023.1 | |
| intel | inspector | * | |
| intel | integrated_performance_primitives | 2021.9 | |
| intel | integrated_performance_primitives_cryptography | * | |
| intel | mpi_library | * | |
| intel | oneapi_ai_analytics_toolkit | 2023.2 | |
| intel | oneapi_base_toolkit | * | |
| intel | oneapi_base_toolkit | 2023.2 | |
| intel | oneapi_deep_neural_network | * | |
| intel | oneapi_deep_neural_network | 2023.2 | |
| intel | oneapi_hpc_toolkit | 2023.2 | |
| intel | oneapi_iot_toolkit | 2023.2 | |
| intel | oneapi_math_kernel_library | * | |
| intel | threading_building_blocks | * | |
| intel | trace_analyzer_and_collector | 2021.10.0 | |
| intel | vtune_profiler | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F19FC1B-ABBC-4AD1-A3EF-FEF6CA6DF90C",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cluster_checker:2021.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "535F8418-033A-4EAC-9E9B-2BBA83CB885B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2023.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7A8ABC-B220-46D2-A6CE-FDEE08388C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8676B2-8B07-4489-AE24-5AFF7B318E73",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2021.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2EE063-5A38-40DD-A2C3-BF10664085AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA1F6A6-E2FC-4243-81E3-2E8CA4AA4CD2",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B7FC0C-D3DA-40A2-8D69-2056656F84A0",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B6BCCB-F33F-49B6-B87B-CC93E30C82B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7E4E29-75C3-4B97-AB86-C82A3214D558",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11501F04-FAA8-44F9-BD4F-105458A6252B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6DA864-1A74-4706-832B-2D8453A55D06",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76639D6F-2583-455B-8A0E-7B412C18C485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2D9438-CC9E-4070-97E6-6300064CF136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "776C3236-F480-446D-93ED-E1A8D9CBA108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF32E88-710F-4622-AC69-4E6A04B8F9D4",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD857AA-0809-464A-A0FF-13CF527A83AE",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2021.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68072344-62DC-40C5-9704-1ABCF20E1701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:-:*:*",
"matchCriteriaId": "ABB740DA-24E8-44DF-9E15-C12BD497AFE6",
"versionEndExcluding": "2023.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
},
{
"lang": "es",
"value": "Las restricciones inadecuadas del b\u00fafer en algunos compiladores Intel(R) C++ Classic anteriores a la versi\u00f3n 2021.8 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-29162",
"lastModified": "2026-01-14T18:27:26.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.5,
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-02-14T14:15:49.777",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-28823
Vulnerability from fkie_nvd - Published: 2023-08-11 03:15 - Updated: 2024-11-21 07:56
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2193AD3C-C7CF-47BC-B9C7-043A44263881",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*",
"matchCriteriaId": "268A0E9F-941F-4D2A-821D-4D1032458484",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01C06498-09B0-434E-A9AB-F90225AEDF94",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5449D057-151E-49F1-A4F3-9B59BCABAAED",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA34171F-6851-4C68-B9DD-E087DA9CD29D",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F5C5E-9330-4957-899F-EA81A7829FCE",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "309CC033-7419-45B0-B57E-EDB855D6ED8D",
"versionEndExcluding": "1.19.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EFA075-DD70-416E-9591-827FAC2AD89F",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD85FB58-421A-4959-97BD-437D9445767B",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A27AABCE-03AA-4A04-8950-A7B3AA41829C",
"versionEndExcluding": "2021.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09DEC669-B8A6-4E41-B34C-F6D2F710D96F",
"versionEndExcluding": "2021.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B0E003-2303-4BAA-AAB5-E41672DD36A8",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4E3234-E4F4-4A1A-92C8-7A71741A2280",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86839DB5-6A37-456F-8527-E1D6CFF9592D",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F404777-A45E-4D04-A459-20440919DA6F",
"versionEndExcluding": "2022.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "140E6A32-DD35-4BD9-8810-26359D76FEB7",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F00829C-D33E-4BF6-A699-16C4E7A9E95B",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72297C84-0B91-4D8E-A87F-235E3DC346E1",
"versionEndExcluding": "2021.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFF1F97-F77D-496F-97F4-E2A706B6AB33",
"versionEndExcluding": "4.3.1.493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B",
"versionEndExcluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0158081D-D9FD-4918-ADCF-70AB92230B99",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D02EF185-A6E6-4820-A084-60AD061283A7",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7158BB-56CF-40BA-85CF-0B622CC49617",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F034E3C1-6FA9-4F75-80AE-98857F323AA2",
"versionEndExcluding": "2021.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21CFEA3C-4017-44FB-9A25-193FE8D65375",
"versionEndExcluding": "2023.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2023-28823",
"lastModified": "2024-11-21T07:56:05.053",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-11T03:15:26.530",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-27391
Vulnerability from fkie_nvd - Published: 2023-08-11 03:15 - Updated: 2024-11-21 07:52
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2193AD3C-C7CF-47BC-B9C7-043A44263881",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*",
"matchCriteriaId": "268A0E9F-941F-4D2A-821D-4D1032458484",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01C06498-09B0-434E-A9AB-F90225AEDF94",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5449D057-151E-49F1-A4F3-9B59BCABAAED",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA34171F-6851-4C68-B9DD-E087DA9CD29D",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F5C5E-9330-4957-899F-EA81A7829FCE",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "309CC033-7419-45B0-B57E-EDB855D6ED8D",
"versionEndExcluding": "1.19.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EFA075-DD70-416E-9591-827FAC2AD89F",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD85FB58-421A-4959-97BD-437D9445767B",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A27AABCE-03AA-4A04-8950-A7B3AA41829C",
"versionEndExcluding": "2021.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09DEC669-B8A6-4E41-B34C-F6D2F710D96F",
"versionEndExcluding": "2021.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B0E003-2303-4BAA-AAB5-E41672DD36A8",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4E3234-E4F4-4A1A-92C8-7A71741A2280",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86839DB5-6A37-456F-8527-E1D6CFF9592D",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F404777-A45E-4D04-A459-20440919DA6F",
"versionEndExcluding": "2022.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "140E6A32-DD35-4BD9-8810-26359D76FEB7",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F00829C-D33E-4BF6-A699-16C4E7A9E95B",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72297C84-0B91-4D8E-A87F-235E3DC346E1",
"versionEndExcluding": "2021.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFF1F97-F77D-496F-97F4-E2A706B6AB33",
"versionEndExcluding": "4.3.1.493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B",
"versionEndExcluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0158081D-D9FD-4918-ADCF-70AB92230B99",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D02EF185-A6E6-4820-A084-60AD061283A7",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7158BB-56CF-40BA-85CF-0B622CC49617",
"versionEndExcluding": "2023.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F034E3C1-6FA9-4F75-80AE-98857F323AA2",
"versionEndExcluding": "2021.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21CFEA3C-4017-44FB-9A25-193FE8D65375",
"versionEndExcluding": "2023.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2023-27391",
"lastModified": "2024-11-21T07:52:48.887",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-11T03:15:21.893",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-31197
Vulnerability from fkie_nvd - Published: 2023-05-12 15:15 - Updated: 2024-11-21 08:01
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | trace_analyzer_and_collector | * | |
| intel | trace_analyzer_and_collector | 2020 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "606C00BD-C2D5-4101-B836-2F24C98CE382",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2020:update1:*:*:*:*:*:*",
"matchCriteriaId": "C899F831-7545-43E0-BC3C-3AC02F694DCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2023-31197",
"lastModified": "2024-11-21T08:01:36.660",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-12T15:15:09.470",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-23910
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:47
Severity ?
3.9 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | oneapi_hpc_toolkit | * | |
| intel | trace_analyzer_and_collector | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96",
"versionEndExcluding": "2023.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8",
"versionEndExcluding": "2021.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access."
}
],
"id": "CVE-2023-23910",
"lastModified": "2024-11-21T07:47:04.990",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 2.5,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:30.950",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-23580
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:46
Severity ?
4.8 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | oneapi_hpc_toolkit | * | |
| intel | trace_analyzer_and_collector | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96",
"versionEndExcluding": "2023.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8",
"versionEndExcluding": "2021.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access."
}
],
"id": "CVE-2023-23580",
"lastModified": "2024-11-21T07:46:28.143",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 3.4,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:30.253",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-23909
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:47
Severity ?
2.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | oneapi_hpc_toolkit | * | |
| intel | trace_analyzer_and_collector | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96",
"versionEndExcluding": "2023.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8",
"versionEndExcluding": "2021.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"id": "CVE-2023-23909",
"lastModified": "2024-11-21T07:47:04.870",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:30.667",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-23569
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:46
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | oneapi_hpc_toolkit | * | |
| intel | trace_analyzer_and_collector | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96",
"versionEndExcluding": "2023.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8",
"versionEndExcluding": "2021.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2023-23569",
"lastModified": "2024-11-21T07:46:26.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:29.507",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-22355
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:44
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*",
"matchCriteriaId": "ACFF62CB-DC95-4A03-8886-E3DE682ECF45",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cpu_runtime:*:*:*:*:*:opencl:*:*",
"matchCriteriaId": "65B36180-4945-4A43-B2AD-B917C6FA052C",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF57C55-C87E-428C-9634-158AA00C4717",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA35C90-15A8-492A-82AA-EB90B5A64CC3",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B39BDDD-5AED-4E02-A856-330F54E7660A",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0160EA22-BD65-4674-97A0-D10CE4171895",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC2A97B-1E5D-4076-BC33-2137275B80EB",
"versionEndExcluding": "1.18.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*",
"matchCriteriaId": "FDDBD13A-D43F-4855-912A-D1AD78C42B63",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1200A0B0-FE28-424D-B225-5A9FBA381F59",
"versionEndExcluding": "2021.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92634595-EBED-490B-8C5D-E0628B5671C1",
"versionEndExcluding": "2021.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73AD7DE0-4634-4760-863D-705CEFF0D531",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77F68C74-6AEB-4586-A9A1-2AA4CABC992D",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDFCC4E-E137-40BA-B6A3-9650D8FB9DA9",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12E76EDE-CA0D-4861-80EE-A7A860F2F6AE",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91F934F2-5D53-449D-8033-31C01BF99A1E",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF697BE5-6DDE-40AD-853F-CA1C05638E1C",
"versionEndExcluding": "2022.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96",
"versionEndExcluding": "2023.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0726E01-A9D7-4D32-92C5-4D7673A7DDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04049E09-EA46-4270-844A-722AD33E9305",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42A7BFFF-DEB1-42F4-984F-3462DEF40A41",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9962AA12-66F5-4545-88FE-2EF3A671E904",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85C9E5C6-95FA-4C62-B18A-13FAE13E3AD5",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "850130A2-4C4D-4E0A-A5B6-62619B673290",
"versionEndExcluding": "4.3.0.251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06201FF4-6ED4-4E41-A356-738A4E5F8AEC",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B",
"versionEndExcluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7C18F6-10F1-49DC-93BC-C5A0A170F404",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA13265-18CF-46A0-89FE-2249E9DAF597",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BABB997-985A-4BAC-93CA-FB7CD0CE545F",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8",
"versionEndExcluding": "2021.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B852D3CA-B710-4686-9414-5D0FDEF0C4B3",
"versionEndExcluding": "2023.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2023-22355",
"lastModified": "2024-11-21T07:44:37.140",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:27.240",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-42878
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:25
Severity ?
2.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | oneapi_hpc_toolkit | * | |
| intel | trace_analyzer_and_collector | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96",
"versionEndExcluding": "2023.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8",
"versionEndExcluding": "2021.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"id": "CVE-2022-42878",
"lastModified": "2024-11-21T07:25:30.940",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:23.103",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-395"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-28172 (GCVE-0-2024-28172)
Vulnerability from cvelistv5 – Published: 2024-08-14 13:45 – Updated: 2024-08-15 15:13
VLAI?
Summary
Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector software |
Affected:
before version 2022.1
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:trace_analyzer_and_collector:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "trace_analyzer_and_collector",
"vendor": "intel",
"versions": [
{
"lessThan": "2022.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T15:12:18.358599Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:13:58.795Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2022.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T13:45:21.618Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2024-28172",
"datePublished": "2024-08-14T13:45:21.618Z",
"dateReserved": "2024-03-13T03:00:17.311Z",
"dateUpdated": "2024-08-15T15:13:58.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35121 (GCVE-0-2023-35121)
Vulnerability from cvelistv5 – Published: 2024-02-14 13:38 – Updated: 2024-08-02 16:23
VLAI?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- escalation of privilege
- Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI DPC++/C++ Compiler software |
Affected:
before version 2023.2.1
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "advisor",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "inspector",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_ai_analytics_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_base_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_deep_neural_network",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_hpc_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_iot_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T19:15:26.510057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T18:11:26.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI DPC++/C++ Compiler software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2023.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper access control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:02:44.885Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-35121",
"datePublished": "2024-02-14T13:38:13.220Z",
"dateReserved": "2023-08-04T03:00:04.724Z",
"dateUpdated": "2024-08-02T16:23:59.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29162 (GCVE-0-2023-29162)
Vulnerability from cvelistv5 – Published: 2024-02-14 13:38 – Updated: 2025-03-20 14:34
VLAI?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6 (Medium)
CWE
- escalation of privilege
- Improper buffer restrictions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) C++ Compiler Classic |
Affected:
before version 2021.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:oneapi_toolkits:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_toolkits",
"vendor": "intel",
"versions": [
{
"lessThan": "2022.3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:cplusplus_compiler_classic:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cplusplus_compiler_classic",
"vendor": "intel",
"versions": [
{
"lessThan": "2021.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T18:23:46.476234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:34:20.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) C++ Compiler Classic",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper buffer restrictions",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:28:54.293Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-29162",
"datePublished": "2024-02-14T13:38:13.744Z",
"dateReserved": "2023-04-13T03:00:03.833Z",
"dateUpdated": "2025-03-20T14:34:20.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27391 (GCVE-0-2023-27391)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2024-10-15 15:08
VLAI?
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-284 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Affected:
before version 4.3.1.493
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T15:08:31.237109Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T15:08:54.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.3.1.493"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:17.469Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-27391",
"datePublished": "2023-08-11T02:37:17.469Z",
"dateReserved": "2023-04-07T03:00:04.388Z",
"dateUpdated": "2024-10-15T15:08:54.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28823 (GCVE-0-2023-28823)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2024-10-15 19:05
VLAI?
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Affected:
before version 4.3.1.493
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:05:28.498960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:05:50.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.3.1.493"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:17.988Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-28823",
"datePublished": "2023-08-11T02:37:17.988Z",
"dateReserved": "2023-04-07T03:00:04.506Z",
"dateUpdated": "2024-10-15T19:05:50.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31197 (GCVE-0-2023-31197)
Vulnerability from cvelistv5 – Published: 2023-05-12 14:01 – Updated: 2025-01-24 16:46
VLAI?
Summary
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector |
Affected:
before version 2020 update 3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:26.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T16:46:01.281128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T16:46:07.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2020 update 3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T14:01:46.385Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-31197",
"datePublished": "2023-05-12T14:01:46.385Z",
"dateReserved": "2023-04-25T03:00:03.883Z",
"dateUpdated": "2025-01-24T16:46:07.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22355 (GCVE-0-2023-22355)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-24 17:36
VLAI?
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Affected:
before version 4.3.0.251
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T17:36:23.211884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T17:36:46.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.3.0.251"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:14.480Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22355",
"datePublished": "2023-05-10T13:17:14.480Z",
"dateReserved": "2023-01-07T04:00:03.309Z",
"dateUpdated": "2025-01-24T17:36:46.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-42878 (GCVE-0-2022-42878)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:10
VLAI?
Summary
Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
CWE
- information disclosure
- CWE-395 - Null pointer dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector software |
Affected:
before version 2021.8.0 published Dec 2022
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:19:05.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-42878",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:16.814752Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:10:24.124Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8.0 published Dec 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-395",
"description": "Null pointer dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:43.137Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-42878",
"datePublished": "2023-05-10T13:16:43.137Z",
"dateReserved": "2022-10-12T03:00:03.901Z",
"dateUpdated": "2025-01-27T18:10:24.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23909 (GCVE-0-2023-23909)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:10
VLAI?
Summary
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
CWE
- information disclosure
- CWE-125 - Out-of-bounds read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector software |
Affected:
before version 2021.8.0 published Dec 2022
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:13.705523Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:10:13.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8.0 published Dec 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-125",
"description": "Out-of-bounds read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:43.722Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-23909",
"datePublished": "2023-05-10T13:16:43.722Z",
"dateReserved": "2023-02-01T04:00:02.576Z",
"dateUpdated": "2025-01-27T18:10:13.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28172 (GCVE-0-2024-28172)
Vulnerability from nvd – Published: 2024-08-14 13:45 – Updated: 2024-08-15 15:13
VLAI?
Summary
Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector software |
Affected:
before version 2022.1
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:trace_analyzer_and_collector:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "trace_analyzer_and_collector",
"vendor": "intel",
"versions": [
{
"lessThan": "2022.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T15:12:18.358599Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:13:58.795Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2022.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T13:45:21.618Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2024-28172",
"datePublished": "2024-08-14T13:45:21.618Z",
"dateReserved": "2024-03-13T03:00:17.311Z",
"dateUpdated": "2024-08-15T15:13:58.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35121 (GCVE-0-2023-35121)
Vulnerability from nvd – Published: 2024-02-14 13:38 – Updated: 2024-08-02 16:23
VLAI?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- escalation of privilege
- Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI DPC++/C++ Compiler software |
Affected:
before version 2023.2.1
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "advisor",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "inspector",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_ai_analytics_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_base_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_deep_neural_network",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_hpc_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_iot_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T19:15:26.510057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T18:11:26.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI DPC++/C++ Compiler software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2023.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper access control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:02:44.885Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-35121",
"datePublished": "2024-02-14T13:38:13.220Z",
"dateReserved": "2023-08-04T03:00:04.724Z",
"dateUpdated": "2024-08-02T16:23:59.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29162 (GCVE-0-2023-29162)
Vulnerability from nvd – Published: 2024-02-14 13:38 – Updated: 2025-03-20 14:34
VLAI?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6 (Medium)
CWE
- escalation of privilege
- Improper buffer restrictions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) C++ Compiler Classic |
Affected:
before version 2021.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:oneapi_toolkits:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_toolkits",
"vendor": "intel",
"versions": [
{
"lessThan": "2022.3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:cplusplus_compiler_classic:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cplusplus_compiler_classic",
"vendor": "intel",
"versions": [
{
"lessThan": "2021.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T18:23:46.476234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:34:20.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) C++ Compiler Classic",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper buffer restrictions",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:28:54.293Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-29162",
"datePublished": "2024-02-14T13:38:13.744Z",
"dateReserved": "2023-04-13T03:00:03.833Z",
"dateUpdated": "2025-03-20T14:34:20.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27391 (GCVE-0-2023-27391)
Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2024-10-15 15:08
VLAI?
Summary
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-284 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Affected:
before version 4.3.1.493
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T15:08:31.237109Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T15:08:54.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.3.1.493"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:17.469Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-27391",
"datePublished": "2023-08-11T02:37:17.469Z",
"dateReserved": "2023-04-07T03:00:04.388Z",
"dateUpdated": "2024-10-15T15:08:54.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28823 (GCVE-0-2023-28823)
Vulnerability from nvd – Published: 2023-08-11 02:37 – Updated: 2024-10-15 19:05
VLAI?
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Affected:
before version 4.3.1.493
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T19:05:28.498960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:05:50.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.3.1.493"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-11T02:37:17.988Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-28823",
"datePublished": "2023-08-11T02:37:17.988Z",
"dateReserved": "2023-04-07T03:00:04.506Z",
"dateUpdated": "2024-10-15T19:05:50.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31197 (GCVE-0-2023-31197)
Vulnerability from nvd – Published: 2023-05-12 14:01 – Updated: 2025-01-24 16:46
VLAI?
Summary
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector |
Affected:
before version 2020 update 3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:26.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T16:46:01.281128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T16:46:07.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2020 update 3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T14:01:46.385Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-31197",
"datePublished": "2023-05-12T14:01:46.385Z",
"dateReserved": "2023-04-25T03:00:03.883Z",
"dateUpdated": "2025-01-24T16:46:07.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22355 (GCVE-0-2023-22355)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-24 17:36
VLAI?
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Affected:
before version 4.3.0.251
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T17:36:23.211884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T17:36:46.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.3.0.251"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:14.480Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22355",
"datePublished": "2023-05-10T13:17:14.480Z",
"dateReserved": "2023-01-07T04:00:03.309Z",
"dateUpdated": "2025-01-24T17:36:46.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-42878 (GCVE-0-2022-42878)
Vulnerability from nvd – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:10
VLAI?
Summary
Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
CWE
- information disclosure
- CWE-395 - Null pointer dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector software |
Affected:
before version 2021.8.0 published Dec 2022
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:19:05.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-42878",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:16.814752Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:10:24.124Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8.0 published Dec 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-395",
"description": "Null pointer dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:43.137Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-42878",
"datePublished": "2023-05-10T13:16:43.137Z",
"dateReserved": "2022-10-12T03:00:03.901Z",
"dateUpdated": "2025-01-27T18:10:24.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23909 (GCVE-0-2023-23909)
Vulnerability from nvd – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:10
VLAI?
Summary
Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
CWE
- information disclosure
- CWE-125 - Out-of-bounds read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector software |
Affected:
before version 2021.8.0 published Dec 2022
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:27:13.705523Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:10:13.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8.0 published Dec 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-125",
"description": "Out-of-bounds read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:43.722Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-23909",
"datePublished": "2023-05-10T13:16:43.722Z",
"dateReserved": "2023-02-01T04:00:02.576Z",
"dateUpdated": "2025-01-27T18:10:13.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}