Lucene search

[email protected]NVD:CVE-2023-23909

HistoryMay 10, 2023 - 2:15 p.m.

CVE-2023-23909

2023-05-1014:15:30

CWE-125

[email protected]

web.nvd.nist.gov

intel trace analyzer

out-of-bounds read

information disclosure

local access

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

Percentile

9.0%

JSON

Out-of-bounds read for some Intel® Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.

Affected configurations

Nvd

Node

inteloneapi_hpc_toolkitRange<2023.0.0

inteltrace_analyzer_and_collectorRange<2021.8.0

VendorProductVersionCPE
inteloneapi_hpc_toolkit*cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*
inteltrace_analyzer_and_collector*cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	oneapi_hpc_toolkit	*	cpe:2.3:a:intel:oneapi_hpc_toolkit::::::::
intel	trace_analyzer_and_collector	*	cpe:2.3:a:intel:trace_analyzer_and_collector::::::::

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-23909

cve1 prion1 cvelist1 intel1