Lucene search

[email protected]CVE-2023-27391

HistoryAug 11, 2023 - 3:15 a.m.

CVE-2023-27391

2023-08-1103:15:21

NVD-CWE-noinfo

CWE-284

[email protected]

web.nvd.nist.gov

cve-2023-27391

intel

oneapi toolkit

access control

privilege escalation

nvd

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:M/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

8.7%

JSON

Improper access control in some Intel® oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.

CPENameOperatorVersion
intel:advisor_for_oneapiintel advisor for oneapilt2023.1
intel:cpu_runtime_for_opencl_applicationsintel cpu runtime for opencl applicationslt2023.1
intel:distribution_for_python_programming_languageintel distribution for python programming languagelt2023.1
intel:dpc\+\+_compatibility_toolintel dpc\+\+ compatibility toollt2023.1
intel:dpc\+\+_compatibility_toolintel dpc\+\+ compatibility tooleq-
intel:dpc\+\+_compatibility_toolintel dpc\+\+ compatibility tooleq2023.0
intel:embree_ray_tracing_kernel_libraryintel embree ray tracing kernel librarylt2023.1
intel:fortran_compilerintel fortran compilerlt2023.1
intel:implicit_spmd_program_compilerintel implicit spmd program compilerlt1.19.1
intel:inspector_for_oneapiintel inspector for oneapilt2023.1

CPE	Name	Operator	Version
intel:advisor_for_oneapi	intel advisor for oneapi	lt	2023.1
intel:cpu_runtime_for_opencl_applications	intel cpu runtime for opencl applications	lt	2023.1
intel:distribution_for_python_programming_language	intel distribution for python programming language	lt	2023.1
intel:dpc\+\+_compatibility_tool	intel dpc\+\+ compatibility tool	lt	2023.1
intel:dpc\+\+_compatibility_tool	intel dpc\+\+ compatibility tool	eq	-
intel:dpc\+\+_compatibility_tool	intel dpc\+\+ compatibility tool	eq	2023.0
intel:embree_ray_tracing_kernel_library	intel embree ray tracing kernel library	lt	2023.1
intel:fortran_compiler	intel fortran compiler	lt	2023.1
intel:implicit_spmd_program_compiler	intel implicit spmd program compiler	lt	1.19.1
intel:inspector_for_oneapi	intel inspector for oneapi	lt	2023.1

Rows per page:

1-10 of 911

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:M/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

8.7%

JSON

Related for CVE-2023-27391

prion1 cvelist1 intel1 oracle2