Lucene search
IntelCVE-2023-22355HistoryMay 10, 2023 - 2:15 p.m.
CVE-2023-22355
2023-05-1014:15:27
CWE-427
intel
web.nvd.nist.gov
32
cve-2023-22355
intel
oneapi toolkit
component software
installers
privilege escalation
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Uncontrolled search path in some Intelยฎ oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
Affected configurations
Node
inteladvisorRange<2023.0oneapi
ORintelcpu_runtimeRange<2023.0opencl
ORinteldistribution_for_pythonRange<2023.0
ORinteldpc\+\+_compatibility_toolRange<2023.0
ORintelembree_ray_tracing_kernel_libraryRange<2023.0
ORintelfortran_compilerRange<2023.0
ORintelimplicit_spmd_program_compilerRange<1.18.1
ORintelinspectorRange<2023.0oneapi
ORintelintegrated_performance_primitivesRange<2021.7
ORintelintegrated_performance_primitives_cryptographyRange<2021.6.3
ORintelmpi_libraryRange<2021.8
ORinteloneapi_base_toolkitRange<2023.0
ORinteloneapi_data_analytics_libraryRange<2023.0
ORinteloneapi_deep_neural_network_libraryRange<2023.0
ORinteloneapi_dpc\+\+\/c\+\+_compilerRange<2023.0
ORinteloneapi_dpc\+\+_libraryRange<2022.0
ORinteloneapi_hpc_toolkitRange<2023.0.0
ORinteloneapi_hpc_toolkitMatch2023.0.0
ORinteloneapi_iot_toolkitRange<2023.0
ORinteloneapi_math_kernel_libraryRange<2023.0
ORinteloneapi_rendering_toolkitRange<2023.0
ORinteloneapi_threading_building_blocksRange<2021.8
ORinteloneapi_toolkit_and_component_software_installersRange<4.3.0.251
ORinteloneapi_video_processing_libraryRange<2023.0
ORintelopen_image_denoiseRange<1.4.3
ORintelopen_volume_kernel_libraryRange<2023.0
ORintelosprayRange<2023.0
ORintelospray_studioRange<2023.0
ORinteltrace_analyzer_and_collectorRange<2021.8.0
ORintelvtune_profilerRange<2023.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | advisor | * | cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:* |
| intel | cpu_runtime | * | cpe:2.3:a:intel:cpu_runtime:*:*:*:*:*:opencl:*:* |
| intel | distribution_for_python | * | cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:* |
| intel | dpc\+\+_compatibility_tool | * | cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:* |
| intel | embree_ray_tracing_kernel_library | * | cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:* |
| intel | fortran_compiler | * | cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:* |
| intel | implicit_spmd_program_compiler | * | cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:* |
| intel | inspector | * | cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:* |
| intel | integrated_performance_primitives | * | cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:* |
| intel | integrated_performance_primitives_cryptography | * | cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"versions": [
{
"version": "before version 4.3.0.251",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
CVE-2023-22355
2023-05-10 13:17:14
intel
intel
Intelยฎ oneAPI Toolkit and Component Software Installersย Advisory
2023-05-09 00:00:00
osv
osv
CVE-2023-22355
2023-05-10 14:15:27
prion
prion
Design/Logic Flaw
2023-05-10 14:15:00
nvd
nvd
CVE-2023-22355
2023-05-10 14:15:27
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for CVE-2023-22355