Lucene search

IntelCVE-2017-5682

HistoryFeb 28, 2017 - 7:59 p.m.

CVE-2017-5682

2017-02-2819:59:00

intel

web.nvd.nist.gov

cve-2017-5682

intel

privilege escalation

software security

vulnerability

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

EPSS

Percentile

12.6%

JSON

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.

Affected configurations

Nvd

Node

inteladvisorMatch2017

intelcryptography_for_intel_integrated_performance_primitivesMatch2017

inteldata_analytics_acceleration_libraryMatch2017

intelinspectorMatch2017

intelintegrated_performance_primitivesMatch2017

intelmath_kernel_libraryMatch2017

intelmpi_libraryMatch2017

intelparallel_studio_xeMatch2017

intelsystem_studioMatch2017

intelthreading_building_blocksMatch2017

inteltrace_analyzer_and_collectorMatch2017

intelvtune_amplifierMatch2017

VendorProductVersionCPE
inteladvisor2017cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*
intelcryptography_for_intel_integrated_performance_primitives2017cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*
inteldata_analytics_acceleration_library2017cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*
intelinspector2017cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*
intelintegrated_performance_primitives2017cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*
intelmath_kernel_library2017cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*
intelmpi_library2017cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*
intelparallel_studio_xe2017cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*
intelsystem_studio2017cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*
intelthreading_building_blocks2017cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	advisor	2017	cpe:2.3:a:intel:advisor:2017:::::::*
intel	cryptography_for_intel_integrated_performance_primitives	2017	cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:::::::*
intel	data_analytics_acceleration_library	2017	cpe:2.3:a:intel:data_analytics_acceleration_library:2017:::::::*
intel	inspector	2017	cpe:2.3:a:intel:inspector:2017:::::::*
intel	integrated_performance_primitives	2017	cpe:2.3:a:intel:integrated_performance_primitives:2017:::::::*
intel	math_kernel_library	2017	cpe:2.3:a:intel:math_kernel_library:2017:::::::*
intel	mpi_library	2017	cpe:2.3:a:intel:mpi_library:2017:::::::*
intel	parallel_studio_xe	2017	cpe:2.3:a:intel:parallel_studio_xe:2017:::::::*
intel	system_studio	2017	cpe:2.3:a:intel:system_studio:2017:::::::*
intel	threading_building_blocks	2017	cpe:2.3:a:intel:threading_building_blocks:2017:::::::*

Rows per page:

1-10 of 121

CNA Affected

[
  {
    "product": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
      }
    ]
  }
]

References

www.securityfocus.com/bid/96482

security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVE-2017-5682