CVE-2023-22355

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-22355

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-22355.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-22355

Published

2023-05-10T14:15:27Z

Modified

2025-01-14T11:30:42.053788Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html

Affected packages

Git / github.com/intel/ipp-crypto

Affected ranges

Type: GIT
Repo: https://github.com/intel/ipp-crypto
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

48d0e528cf948f32a0ed6e734e6e211470e5971a

Type: GIT
Repo: https://github.com/renderkit/ospray
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

f9a5db9a835085933455326f27589ae9e292b099

Affected versions

Other

ippcp_2019b_r

ippcp_2020u2

ippcp_2021.*

ippcp_2021.6

release-0.*

release-0.5.0

release-0.5.1

release-0.5.2

release-0.6.0

v0.*

v0.10.0

v0.10.1

v0.7.0

v0.7.1

v0.7.2

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.9.0

v0.9.0RC1

v0.9.1

v1.*

v1.0.0

v1.1.0

v1.1.1

v1.1.2

v1.2.0

v1.2.1

v1.3.0

v1.3.1

v1.4.0

v1.4.1

v1.4.2