cvelistv5 - CVE-2017-5682

CVE-2017-5682 (GCVE-0-2017-5682)

Vulnerability from cvelistv5 – Published: 2017-02-28 19:00 – Updated: 2024-08-05 15:11

Summary

Severity ?

No CVSS data available.

CWE

Escalation of Privilege

Assigner

intel

References

URL

Tags

	https://security-center.intel.com/advisory.aspx?i…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/96482	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2	Affected: Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:11:48.398Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
          },
          {
            "name": "96482",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96482"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
            }
          ]
        }
      ],
      "datePublic": "2017-02-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-02T10:57:01",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
        },
        {
          "name": "96482",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96482"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-5682",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
            },
            {
              "name": "96482",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96482"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-5682",
    "datePublished": "2017-02-28T19:00:00",
    "dateReserved": "2017-02-01T00:00:00",
    "dateUpdated": "2024-08-05T15:11:48.398Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83E6F5FC-D325-4C8C-82E9-82B5FFCEB083\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91AFB020-6F26-4D0D-A373-5E6341975421\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B40F7BDC-1317-480B-9B23-1F13758543D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9644872-437C-4AD5-9D7C-811E527CC13B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B67785D4-D084-4C3E-81E6-B6C5BD110885\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B94882E-342F-4D87-A0D2-6F0C9282B096\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B60FA44-7160-4D1A-98AE-744FC2C91B88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9DFA92D-02DD-4623-A7A5-B7780CE24996\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1314F593-5448-4458-A7FF-A479909C0147\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"096729CA-6729-480D-BEDD-B294DCB3B789\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73D61D38-EC35-4C15-996C-28484709A42D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3A8F80A-95C3-44A1-BB71-8E1A3581B8D2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.\"}, {\"lang\": \"es\", \"value\": \"Intel PSET Application Install wrapper de Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer y Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library y Intel Threading Building Blocks en versiones anteriores a 2017 Update 2 permite a un atacante iniciar un proceso con privilegios escalados.\"}]",
      "id": "CVE-2017-5682",
      "lastModified": "2024-11-21T03:28:12.833",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2017-02-28T19:59:00.160",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/96482\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/96482\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-5682\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2017-02-28T19:59:00.160\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.\"},{\"lang\":\"es\",\"value\":\"Intel PSET Application Install wrapper de Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer y Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library y Intel Threading Building Blocks en versiones anteriores a 2017 Update 2 permite a un atacante iniciar un proceso con privilegios escalados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E6F5FC-D325-4C8C-82E9-82B5FFCEB083\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91AFB020-6F26-4D0D-A373-5E6341975421\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40F7BDC-1317-480B-9B23-1F13758543D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9644872-437C-4AD5-9D7C-811E527CC13B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B67785D4-D084-4C3E-81E6-B6C5BD110885\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B94882E-342F-4D87-A0D2-6F0C9282B096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B60FA44-7160-4D1A-98AE-744FC2C91B88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9DFA92D-02DD-4623-A7A5-B7780CE24996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1314F593-5448-4458-A7FF-A479909C0147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"096729CA-6729-480D-BEDD-B294DCB3B789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73D61D38-EC35-4C15-996C-28484709A42D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3A8F80A-95C3-44A1-BB71-8E1A3581B8D2\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/96482\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96482\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GHSA-5W4P-VH66-47F5

Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2022-05-13 01:46

Details

Severity ?

7.3 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-5682"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-02-28T19:59:00Z",
    "severity": "HIGH"
  },
  "details": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.",
  "id": "GHSA-5w4p-vh66-47f5",
  "modified": "2022-05-13T01:46:14Z",
  "published": "2022-05-13T01:46:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5682"
    },
    {
      "type": "WEB",
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96482"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2017-5682

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-5682

Aliases

CVE-2017-5682

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5682",
    "description": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.",
    "id": "GSD-2017-5682"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5682"
      ],
      "details": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.",
      "id": "GSD-2017-5682",
      "modified": "2023-12-13T01:21:13.517821Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2017-5682",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Escalation of Privilege"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
            "refsource": "CONFIRM",
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
          },
          {
            "name": "96482",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/96482"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-5682"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
            },
            {
              "name": "96482",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/96482"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.3,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-02-28T19:59Z"
    }
  }
}

FKIE_CVE-2017-5682

Vulnerability from fkie_nvd - Published: 2017-02-28 19:59 - Updated: 2025-04-20 01:37

Severity ?

7.3 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secure@intel.com	http://www.securityfocus.com/bid/96482	Third Party Advisory, VDB Entry
secure@intel.com	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/96482	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr	Vendor Advisory

Impacted products

Vendor	Product	Version
intel	advisor	2017
intel	cryptography_for_intel_integrated_performance_primitives	2017
intel	data_analytics_acceleration_library	2017
intel	inspector	2017
intel	integrated_performance_primitives	2017
intel	math_kernel_library	2017
intel	mpi_library	2017
intel	parallel_studio_xe	2017
intel	system_studio	2017
intel	threading_building_blocks	2017
intel	trace_analyzer_and_collector	2017
intel	vtune_amplifier	2017

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "83E6F5FC-D325-4C8C-82E9-82B5FFCEB083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AFB020-6F26-4D0D-A373-5E6341975421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "B40F7BDC-1317-480B-9B23-1F13758543D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9644872-437C-4AD5-9D7C-811E527CC13B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "B67785D4-D084-4C3E-81E6-B6C5BD110885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B94882E-342F-4D87-A0D2-6F0C9282B096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B60FA44-7160-4D1A-98AE-744FC2C91B88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9DFA92D-02DD-4623-A7A5-B7780CE24996",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "1314F593-5448-4458-A7FF-A479909C0147",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "096729CA-6729-480D-BEDD-B294DCB3B789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D61D38-EC35-4C15-996C-28484709A42D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3A8F80A-95C3-44A1-BB71-8E1A3581B8D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
    },
    {
      "lang": "es",
      "value": "Intel PSET Application Install wrapper de Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer y Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library y Intel Threading Building Blocks en versiones anteriores a 2017 Update 2 permite a un atacante iniciar un proceso con privilegios escalados."
    }
  ],
  "id": "CVE-2017-5682",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-02-28T19:59:00.160",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96482"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2017-02744

Vulnerability from cnvd - Published: 2017-03-15

Title

多款Intel产品本地特权提升漏洞

Description

Intel Parallel Studio X等都是美国英特尔（Intel）公司的产品。Intel Parallel Studio X是一套用于提高应用程序的性能和大数据分析的软件；Intel Inspector是一套用于专门动态测试应用程序的内存访问错误和线程访问错误的工具。多款Intel产品中PSET Application Install wrapper存在提权漏洞。攻击者可利用该漏洞以提升的权限启动进程。

Severity

高

Patch Name

多款Intel产品本地特权提升漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr

Reference

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&amp;languageid=en-fr

Impacted products

Name
['Intel VTune Amplifier 0', 'Intel Trace Analyzer and Collector 0', 'Intel Threading Building Blocks 0', 'Intel System Studio 0', 'Intel Parallel Studio XE 0', 'Intel MPI Library 0', 'Intel Math Kernel Library 0', 'Intel Integrated Performance Primitives 0', 'Intel Inspector 0', 'Intel Data Analytics Acceleration Library 0', 'Intel Cryptography for Intel Integrated Performance Primitives 0', 'Intel Advisor 0']

Name

['Intel VTune Amplifier 0', 'Intel Trace Analyzer and Collector 0', 'Intel Threading Building Blocks 0', 'Intel System Studio 0', 'Intel Parallel Studio XE 0', 'Intel MPI Library 0', 'Intel Math Kernel Library 0', 'Intel Integrated Performance Primitives 0', 'Intel Inspector 0', 'Intel Data Analytics Acceleration Library 0', 'Intel Cryptography for Intel Integrated Performance Primitives 0', 'Intel Advisor 0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "96482"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5682"
    }
  },
  "description": "Intel Parallel Studio X\u7b49\u90fd\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Intel Parallel Studio X\u662f\u4e00\u5957\u7528\u4e8e\u63d0\u9ad8\u5e94\u7528\u7a0b\u5e8f\u7684\u6027\u80fd\u548c\u5927\u6570\u636e\u5206\u6790\u7684\u8f6f\u4ef6\uff1bIntel Inspector\u662f\u4e00\u5957\u7528\u4e8e\u4e13\u95e8\u52a8\u6001\u6d4b\u8bd5\u5e94\u7528\u7a0b\u5e8f\u7684\u5185\u5b58\u8bbf\u95ee\u9519\u8bef\u548c\u7ebf\u7a0b\u8bbf\u95ee\u9519\u8bef\u7684\u5de5\u5177\u3002\r\n\r\n\u591a\u6b3eIntel\u4ea7\u54c1\u4e2dPSET Application Install wrapper\u5b58\u5728\u63d0\u6743\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u63d0\u5347\u7684\u6743\u9650\u542f\u52a8\u8fdb\u7a0b\u3002",
  "discovererName": "Intel",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-02744",
  "openTime": "2017-03-15",
  "patchDescription": "Intel Parallel Studio X\u7b49\u90fd\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Intel Parallel Studio X\u662f\u4e00\u5957\u7528\u4e8e\u63d0\u9ad8\u5e94\u7528\u7a0b\u5e8f\u7684\u6027\u80fd\u548c\u5927\u6570\u636e\u5206\u6790\u7684\u8f6f\u4ef6\uff1bIntel Inspector\u662f\u4e00\u5957\u7528\u4e8e\u4e13\u95e8\u52a8\u6001\u6d4b\u8bd5\u5e94\u7528\u7a0b\u5e8f\u7684\u5185\u5b58\u8bbf\u95ee\u9519\u8bef\u548c\u7ebf\u7a0b\u8bbf\u95ee\u9519\u8bef\u7684\u5de5\u5177\u3002\r\n\r\n\u591a\u6b3eIntel\u4ea7\u54c1\u4e2dPSET Application Install wrapper\u5b58\u5728\u63d0\u6743\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u63d0\u5347\u7684\u6743\u9650\u542f\u52a8\u8fdb\u7a0b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eIntel\u4ea7\u54c1\u672c\u5730\u7279\u6743\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Intel VTune Amplifier 0",
      "Intel Trace Analyzer and Collector 0",
      "Intel Threading Building Blocks 0",
      "Intel System Studio 0",
      "Intel Parallel Studio XE 0",
      "Intel MPI Library 0",
      "Intel Math Kernel Library 0",
      "Intel Integrated Performance Primitives 0",
      "Intel Inspector 0",
      "Intel Data Analytics Acceleration Library 0",
      "Intel Cryptography for Intel Integrated Performance Primitives 0",
      "Intel Advisor 0"
    ]
  },
  "referenceLink": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026amp;amp;languageid=en-fr",
  "serverity": "\u9ad8",
  "submitTime": "2017-03-02",
  "title": "\u591a\u6b3eIntel\u4ea7\u54c1\u672c\u5730\u7279\u6743\u63d0\u5347\u6f0f\u6d1e"
}

VAR-201702-0834

Vulnerability from variot - Updated: 2023-12-18 13:29

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges. plural Intel Product Intel PSET Application Install The wrapper contains a vulnerability that allows processes to be launched with elevated privileges.An attacker could launch a process with elevated privileges. Multiple Intel products are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. Intel Parallel Studio X, etc. Intel Parallel Studio X is a set of software for improving application performance and big data analysis; Intel Inspector is a set of tools for dynamic testing of memory access errors and thread access errors in applications

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0834",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "system studio",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "vtune amplifier",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "trace analyzer and collector",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "mpi library",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "inspector",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "parallel studio xe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "advisor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "integrated performance primitives",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "cryptography for intel integrated performance primitives",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "threading building blocks",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "data analytics acceleration library",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "math kernel library",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "cryptography for intel integrated performance primitives",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "advisor",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "data analytics acceleration library",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "inspector",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "integrated performance primitives",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "math kernel library",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "mpi library",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "parallel studio xe",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "system studio",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "threading building blocks",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "trace analyzer and collector",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "vtune amplifier",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "vtune amplifier",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "trace analyzer and collector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "threading building blocks",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "system studio",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "parallel studio xe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "mpi library",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "math kernel library",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "integrated performance primitives",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "inspector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "data analytics acceleration library",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "cryptography for intel integrated performance primitives",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "advisor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "vtune amplifier update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "trace analyzer and collector update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "threading building blocks update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "system studio update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "parallel studio xe update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "mpi library update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "math kernel library update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "integrated performance primitives update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "inspector update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "data analytics acceleration library update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "cryptography for intel integrated performance primitives update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "advisor update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "96482"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-5682",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2017-5682",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-113885",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.3,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.3,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-5682",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-5682",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201702-948",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113885",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges. plural Intel Product Intel PSET Application Install The wrapper contains a vulnerability that allows processes to be launched with elevated privileges.An attacker could launch a process with elevated privileges. Multiple Intel products are prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to gain elevated privileges. Intel Parallel Studio X, etc. Intel Parallel Studio X is a set of software for improving application performance and big data analysis; Intel Inspector is a set of tools for dynamic testing of memory access errors and thread access errors in applications",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5682",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "96482",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-113885",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "id": "VAR-201702-0834",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      }
    ],
    "trust": 0.6
  },
  "last_update_date": "2023-12-18T13:29:25.519000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00070",
        "trust": 0.8,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00070\u0026languageid=en-fr"
      },
      {
        "title": "Multiple Intel Product Privilege License and Access Control Vulnerability Fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68054"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/96482"
      },
      {
        "trust": 1.6,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00070\u0026languageid=en-fr"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5682"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5682"
      },
      {
        "trust": 0.3,
        "url": "http://www.intel.com/"
      },
      {
        "trust": 0.3,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00070\u0026languageid=en-fr "
      },
      {
        "trust": 0.1,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00070\u0026amp;languageid=en-fr"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "date": "2017-02-28T00:00:00",
        "db": "BID",
        "id": "96482"
      },
      {
        "date": "2017-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "date": "2017-02-28T19:59:00.160000",
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "date": "2017-02-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "date": "2017-03-07T00:14:00",
        "db": "BID",
        "id": "96482"
      },
      {
        "date": "2017-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "date": "2019-10-03T00:03:26.223000",
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Intel Product  Intel PSET Application Install Vulnerability in Wrapper that could launch processes with elevated privileges",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-5682 (GCVE-0-2017-5682)

GHSA-5W4P-VH66-47F5

GSD-2017-5682

FKIE_CVE-2017-5682

CNVD-2017-02744

VAR-201702-0834

Tags

Sightings

Nomenclature