CVE-2023-27391

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-27391
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html Vendor Advisory
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_dpc\+\+_library_\(onedpl\):*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*
History

21 Nov 2024, 07:52

Type Values Removed Values Added
References () http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - Vendor Advisory () http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - Vendor Advisory

17 Aug 2023, 17:47

Type Values Removed Values Added
CWE NVD-CWE-noinfo
References (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - (MISC) http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html - Vendor Advisory
CPE cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_dpc\+\+\/c\+\+_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:dpc\+\+_compatibility_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:oneapi_dpc\+\+_library_\(onedpl\):*:*:*:*:*:*:*:*
cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*
First Time Intel integrated Performance Primitives
Intel oneapi Base Toolkit
Intel ospray
Intel oneapi Threading Building Blocks
Intel cpu Runtime For Opencl Applications
Intel oneapi Dpc\+\+\/c\+\+ Compiler
Intel oneapi Data Analytics Library
Intel implicit Spmd Program Compiler
Intel oneapi Math Kernel Library
Intel inspector For Oneapi
Intel embree Ray Tracing Kernel Library
Intel oneapi Rendering Toolkit
Intel fortran Compiler
Intel open Image Denoise
Intel dpc\+\+ Compatibility Tool
Intel oneapi Hpc Toolkit
Intel trace Analyzer And Collector
Intel vtune Profiler For Oneapi
Intel oneapi Iot Toolkit
Intel oneapi Deep Neural Network Library
Intel distribution For Python Programming Language
Intel oneapi Toolkit And Component Software Installer
Intel oneapi Video Processing Library
Intel ospray Studio
Intel mpi Library
Intel ipp Cryptography
Intel open Volume Kernel Library
Intel
Intel oneapi Dpc\+\+ Library \(onedpl\)
Intel advisor For Oneapi
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.7

11 Aug 2023, 03:44

Type Values Removed Values Added
New CVE
Information

Published : 2023-08-11 03:15

Updated : 2024-11-21 07:52

NVD link : CVE-2023-27391

Mitre link : CVE-2023-27391

CVE.ORG link : CVE-2023-27391

JSON object : View

Products Affected

intel

  • oneapi_threading_building_blocks
  • oneapi_base_toolkit
  • fortran_compiler
  • oneapi_video_processing_library
  • oneapi_math_kernel_library
  • ospray
  • oneapi_deep_neural_network_library
  • distribution_for_python_programming_language
  • cpu_runtime_for_opencl_applications
  • vtune_profiler_for_oneapi
  • embree_ray_tracing_kernel_library
  • oneapi_dpc\+\+\/c\+\+_compiler
  • oneapi_toolkit_and_component_software_installer
  • oneapi_dpc\+\+_library_\(onedpl\)
  • integrated_performance_primitives
  • advisor_for_oneapi
  • dpc\+\+_compatibility_tool
  • mpi_library
  • open_volume_kernel_library
  • trace_analyzer_and_collector
  • inspector_for_oneapi
  • oneapi_hpc_toolkit
  • oneapi_data_analytics_library
  • ipp_cryptography
  • ospray_studio
  • implicit_spmd_program_compiler
  • oneapi_iot_toolkit
  • oneapi_rendering_toolkit
  • open_image_denoise
CWE
CWE-284

Improper Access Control

NVD-CWE-noinfo

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024