CVE-2023-24592

CWE-22 — Path Traversal3 documents3 sources

Severity

7.8HIGH

EPSS

0.1%

top 64.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Advisor Intel Inspector Intel MPI Library +2 more

Timeline

PublishedNov 14

Description

Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages6 packages

▶CVEListV5intel(r)_oneapi_toolkits_and_component_softwarebefore version 2023.1

▶NVDintel/oneapi_hpc_toolkit< 2023.1

▶NVDintel/oneapi_base_toolkit< 2023.1

▶NVDintel/advisor< 2023.1

▶NVDintel/inspector< 2023.1

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-hwv7-r8wc-xjxc: Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023↗2023-11-14

▶

CVEList

CVE-2023-24592: Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023↗2023-11-14

▶