cvelistv5 - cve-2017-5682

cve-2017-5682

Vulnerability from cvelistv5

Published

2017-02-28 19:00

Modified

2024-08-05 15:11

Severity ?

Summary

References

URL	Tags
secure@intel.com	http://www.securityfocus.com/bid/96482	Third Party Advisory, VDB Entry
secure@intel.com	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/96482	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2

Version: Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:11:48.398Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
          },
          {
            "name": "96482",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96482"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
            }
          ]
        }
      ],
      "datePublic": "2017-02-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-02T10:57:01",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
        },
        {
          "name": "96482",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96482"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-5682",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
            },
            {
              "name": "96482",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96482"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-5682",
    "datePublished": "2017-02-28T19:00:00",
    "dateReserved": "2017-02-01T00:00:00",
    "dateUpdated": "2024-08-05T15:11:48.398Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83E6F5FC-D325-4C8C-82E9-82B5FFCEB083\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91AFB020-6F26-4D0D-A373-5E6341975421\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B40F7BDC-1317-480B-9B23-1F13758543D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9644872-437C-4AD5-9D7C-811E527CC13B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B67785D4-D084-4C3E-81E6-B6C5BD110885\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B94882E-342F-4D87-A0D2-6F0C9282B096\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B60FA44-7160-4D1A-98AE-744FC2C91B88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9DFA92D-02DD-4623-A7A5-B7780CE24996\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1314F593-5448-4458-A7FF-A479909C0147\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"096729CA-6729-480D-BEDD-B294DCB3B789\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73D61D38-EC35-4C15-996C-28484709A42D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3A8F80A-95C3-44A1-BB71-8E1A3581B8D2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.\"}, {\"lang\": \"es\", \"value\": \"Intel PSET Application Install wrapper de Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer y Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library y Intel Threading Building Blocks en versiones anteriores a 2017 Update 2 permite a un atacante iniciar un proceso con privilegios escalados.\"}]",
      "id": "CVE-2017-5682",
      "lastModified": "2024-11-21T03:28:12.833",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2017-02-28T19:59:00.160",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/96482\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/96482\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-5682\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2017-02-28T19:59:00.160\",\"lastModified\":\"2024-11-21T03:28:12.833\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.\"},{\"lang\":\"es\",\"value\":\"Intel PSET Application Install wrapper de Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer y Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library y Intel Threading Building Blocks en versiones anteriores a 2017 Update 2 permite a un atacante iniciar un proceso con privilegios escalados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E6F5FC-D325-4C8C-82E9-82B5FFCEB083\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91AFB020-6F26-4D0D-A373-5E6341975421\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40F7BDC-1317-480B-9B23-1F13758543D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9644872-437C-4AD5-9D7C-811E527CC13B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B67785D4-D084-4C3E-81E6-B6C5BD110885\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B94882E-342F-4D87-A0D2-6F0C9282B096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B60FA44-7160-4D1A-98AE-744FC2C91B88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9DFA92D-02DD-4623-A7A5-B7780CE24996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1314F593-5448-4458-A7FF-A479909C0147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"096729CA-6729-480D-BEDD-B294DCB3B789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73D61D38-EC35-4C15-996C-28484709A42D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3A8F80A-95C3-44A1-BB71-8E1A3581B8D2\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/96482\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96482\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

ghsa-5w4p-vh66-47f5

Vulnerability from github

Published

2022-05-13 01:46

Modified

2022-05-13 01:46

Severity ?

7.3 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-5682"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-02-28T19:59:00Z",
    "severity": "HIGH"
  },
  "details": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.",
  "id": "GHSA-5w4p-vh66-47f5",
  "modified": "2022-05-13T01:46:14Z",
  "published": "2022-05-13T01:46:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5682"
    },
    {
      "type": "WEB",
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96482"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2017-5682

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-5682

Aliases

CVE-2017-5682

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5682",
    "description": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.",
    "id": "GSD-2017-5682"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5682"
      ],
      "details": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.",
      "id": "GSD-2017-5682",
      "modified": "2023-12-13T01:21:13.517821Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2017-5682",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Escalation of Privilege"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
            "refsource": "CONFIRM",
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
          },
          {
            "name": "96482",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/96482"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-5682"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
            },
            {
              "name": "96482",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/96482"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.3,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-02-28T19:59Z"
    }
  }
}

var-201702-0834

Vulnerability from variot

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges. plural Intel Product Intel PSET Application Install The wrapper contains a vulnerability that allows processes to be launched with elevated privileges.An attacker could launch a process with elevated privileges. Multiple Intel products are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. Intel Parallel Studio X, etc. Intel Parallel Studio X is a set of software for improving application performance and big data analysis; Intel Inspector is a set of tools for dynamic testing of memory access errors and thread access errors in applications

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0834",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "system studio",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "vtune amplifier",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "trace analyzer and collector",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "mpi library",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "inspector",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "parallel studio xe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "advisor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "integrated performance primitives",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "cryptography for intel integrated performance primitives",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "threading building blocks",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "data analytics acceleration library",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "math kernel library",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2017"
      },
      {
        "model": "cryptography for intel integrated performance primitives",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "advisor",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "data analytics acceleration library",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "inspector",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "integrated performance primitives",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "math kernel library",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "mpi library",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "parallel studio xe",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "system studio",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "threading building blocks",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "trace analyzer and collector",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "vtune amplifier",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "2017 update 2"
      },
      {
        "model": "vtune amplifier",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "trace analyzer and collector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "threading building blocks",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "system studio",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "parallel studio xe",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "mpi library",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "math kernel library",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "integrated performance primitives",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "inspector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "data analytics acceleration library",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "cryptography for intel integrated performance primitives",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "advisor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "model": "vtune amplifier update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "trace analyzer and collector update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "threading building blocks update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "system studio update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "parallel studio xe update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "mpi library update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "math kernel library update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "integrated performance primitives update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "inspector update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "data analytics acceleration library update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "cryptography for intel integrated performance primitives update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      },
      {
        "model": "advisor update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "20172"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "96482"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-5682",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2017-5682",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-113885",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.3,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.3,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-5682",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-5682",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201702-948",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113885",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges. plural Intel Product Intel PSET Application Install The wrapper contains a vulnerability that allows processes to be launched with elevated privileges.An attacker could launch a process with elevated privileges. Multiple Intel products are prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to gain elevated privileges. Intel Parallel Studio X, etc. Intel Parallel Studio X is a set of software for improving application performance and big data analysis; Intel Inspector is a set of tools for dynamic testing of memory access errors and thread access errors in applications",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5682",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "96482",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-113885",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "id": "VAR-201702-0834",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      }
    ],
    "trust": 0.6
  },
  "last_update_date": "2023-12-18T13:29:25.519000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00070",
        "trust": 0.8,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00070\u0026languageid=en-fr"
      },
      {
        "title": "Multiple Intel Product Privilege License and Access Control Vulnerability Fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68054"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/96482"
      },
      {
        "trust": 1.6,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00070\u0026languageid=en-fr"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5682"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5682"
      },
      {
        "trust": 0.3,
        "url": "http://www.intel.com/"
      },
      {
        "trust": 0.3,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00070\u0026languageid=en-fr "
      },
      {
        "trust": 0.1,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00070\u0026amp;languageid=en-fr"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "date": "2017-02-28T00:00:00",
        "db": "BID",
        "id": "96482"
      },
      {
        "date": "2017-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "date": "2017-02-28T19:59:00.160000",
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "date": "2017-02-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113885"
      },
      {
        "date": "2017-03-07T00:14:00",
        "db": "BID",
        "id": "96482"
      },
      {
        "date": "2017-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      },
      {
        "date": "2019-10-03T00:03:26.223000",
        "db": "NVD",
        "id": "CVE-2017-5682"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "96482"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Intel Product  Intel PSET Application Install Vulnerability in Wrapper that could launch processes with elevated privileges",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002288"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-948"
      }
    ],
    "trust": 0.6
  }
}

cve-2017-5682

Vulnerability from fkie_nvd

Published

2017-02-28 19:59

Modified

2024-11-21 03:28

Severity ?

7.3 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secure@intel.com	http://www.securityfocus.com/bid/96482	Third Party Advisory, VDB Entry
secure@intel.com	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/96482	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr	Vendor Advisory

Impacted products

Vendor	Product	Version
intel	advisor	2017
intel	cryptography_for_intel_integrated_performance_primitives	2017
intel	data_analytics_acceleration_library	2017
intel	inspector	2017
intel	integrated_performance_primitives	2017
intel	math_kernel_library	2017
intel	mpi_library	2017
intel	parallel_studio_xe	2017
intel	system_studio	2017
intel	threading_building_blocks	2017
intel	trace_analyzer_and_collector	2017
intel	vtune_amplifier	2017

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "83E6F5FC-D325-4C8C-82E9-82B5FFCEB083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "91AFB020-6F26-4D0D-A373-5E6341975421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "B40F7BDC-1317-480B-9B23-1F13758543D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9644872-437C-4AD5-9D7C-811E527CC13B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "B67785D4-D084-4C3E-81E6-B6C5BD110885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B94882E-342F-4D87-A0D2-6F0C9282B096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B60FA44-7160-4D1A-98AE-744FC2C91B88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9DFA92D-02DD-4623-A7A5-B7780CE24996",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "1314F593-5448-4458-A7FF-A479909C0147",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "096729CA-6729-480D-BEDD-B294DCB3B789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D61D38-EC35-4C15-996C-28484709A42D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3A8F80A-95C3-44A1-BB71-8E1A3581B8D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
    },
    {
      "lang": "es",
      "value": "Intel PSET Application Install wrapper de Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer y Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library y Intel Threading Building Blocks en versiones anteriores a 2017 Update 2 permite a un atacante iniciar un proceso con privilegios escalados."
    }
  ],
  "id": "CVE-2017-5682",
  "lastModified": "2024-11-21T03:28:12.833",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-02-28T19:59:00.160",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96482"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2017-5682

Vulnerability from cvelistv5

ghsa-5w4p-vh66-47f5

Vulnerability from github

gsd-2017-5682

Vulnerability from gsd

var-201702-0834

Vulnerability from variot

cve-2017-5682

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature