CVE-2020-0515

{"id": "CVE-2020-0515", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-03-12T20:15:12.643", "references": [{"url": "https://security.netapp.com/advisory/ntap-20200320-0003/", "tags": ["Third Party Advisory"], "source": "secure@intel.com"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}, {"url": "https://security.netapp.com/advisory/ntap-20200320-0003/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "Uncontrolled search path element in the installer for Intel(R) Graphics Drivers before versions 26.20.100.7584, 15.45.30.5103, 15.40.44.5107, 15.36.38.5117, and 15.33.49.5100 may allow an authenticated user to potentially enable escalation of privilege via local access"}, {"lang": "es", "value": "El elemento de ruta de b\u00fasqueda no controlada en el instalador para Intel(R) Graphics Drivers versiones anteriores a 26.20.100.7584, 15.45.30.5103, 15.40.44.5107, 15.36.38.5117 y 15.33.49.5100, puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local"}], "lastModified": "2024-11-21T04:53:39.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6D014D7-B878-4DD8-A1D3-82FC177B819C", "versionEndExcluding": "15.33.49.5100", "versionStartIncluding": "15.33"}, {"criteria": "cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DAB4DEB-3BCE-48A0-AAB9-842129D5DEC5", "versionEndExcluding": "15.36.38.5117", "versionStartIncluding": "15.36"}, {"criteria": "cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7250C6F-1E48-4E0B-AACB-52D4FC3F494D", "versionEndExcluding": "15.40.44.5107", "versionStartIncluding": "15.40"}, {"criteria": "cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB43B202-E327-43C3-8F68-A1CC5E6C8300", "versionEndExcluding": "15.45.30.5103", "versionStartIncluding": "15.45"}, {"criteria": "cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B60CA50-4975-4295-99F7-D14A1C401776", "versionEndExcluding": "26.20.100.7584", "versionStartIncluding": "26.20"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}