cvelistv5 - cve-2017-5696

CVE-2017-5696 (GCVE-0-2017-5696)

Vulnerability from cvelistv5 – Published: 2018-01-18 01:00 – Updated: 2024-09-16 18:34

Summary

Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.

Severity ?

No CVSS data available.

CWE

Information Disclosure/Denial of Service

Assigner

intel

References

URL

Tags

https://security-center.intel.com/advisory.aspx?i…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Intel Graphics Driver	Affected: 15.40.x.x Affected: 15.45.x.x Affected: 21.20.x.x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:11:48.533Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel Graphics Driver",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "15.40.x.x"
            },
            {
              "status": "affected",
              "version": "15.45.x.x"
            },
            {
              "status": "affected",
              "version": "21.20.x.x"
            }
          ]
        }
      ],
      "datePublic": "2018-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure/Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-18T00:57:01",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-01-16T00:00:00",
          "ID": "CVE-2017-5696",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel Graphics Driver",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "15.40.x.x"
                          },
                          {
                            "version_value": "15.45.x.x"
                          },
                          {
                            "version_value": "21.20.x.x"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure/Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-5696",
    "datePublished": "2018-01-18T01:00:00Z",
    "dateReserved": "2017-02-01T00:00:00",
    "dateUpdated": "2024-09-16T18:34:32.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.20.16.4860\", \"matchCriteriaId\": \"8D838FFC-C618-4AC2-B761-0CE558EDEF30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.1.64.4256:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17C2024D-1B35-44CD-8918-3549D92D8B4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.4.64.4256:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A142D12-514E-4B13-A77E-A63D2525A2DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.7.64.4279:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE08572D-F0E3-4F5E-A5E1-D69486E87129\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.14.4352:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30B59E90-097C-4BF8-BCDE-321C810D1389\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.26.4474:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61E584F3-65D0-4D38-ABBB-83C86CDF169D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9DB6338-23B0-4C1D-97C2-345A22EDCFEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D7C8297-0E65-4659-8049-34401194D0FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58D10DEC-49BC-4226-83CE-0C4B805CD296\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA3A67F6-415F-4B0E-AA2B-40286CC492A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B637567-0958-488D-ACCA-E5A61D71433A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9579A4DB-D506-4570-9C40-1CB4BD666A69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09F53D97-D600-4AB1-8898-2491AC8B90A8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.\"}, {\"lang\": \"es\", \"value\": \"Una ruta de b\\u00fasqueda no fiable en Intel Graphics Driver 15.40.x.x, 15.45.x.x y 21.20.x.x permite que un usuario sin privilegios eleve sus privilegios mediante acceso local.\"}]",
      "id": "CVE-2017-5696",
      "lastModified": "2024-11-21T03:28:14.463",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2018-01-18T01:29:00.617",
      "references": "[{\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-426\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-5696\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2018-01-18T01:29:00.617\",\"lastModified\":\"2024-11-21T03:28:14.463\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.\"},{\"lang\":\"es\",\"value\":\"Una ruta de b\u00fasqueda no fiable en Intel Graphics Driver 15.40.x.x, 15.45.x.x y 21.20.x.x permite que un usuario sin privilegios eleve sus privilegios mediante acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.20.16.4860\",\"matchCriteriaId\":\"8D838FFC-C618-4AC2-B761-0CE558EDEF30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.1.64.4256:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C2024D-1B35-44CD-8918-3549D92D8B4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.4.64.4256:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A142D12-514E-4B13-A77E-A63D2525A2DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.7.64.4279:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE08572D-F0E3-4F5E-A5E1-D69486E87129\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.14.4352:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30B59E90-097C-4BF8-BCDE-321C810D1389\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.26.4474:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E584F3-65D0-4D38-ABBB-83C86CDF169D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9DB6338-23B0-4C1D-97C2-345A22EDCFEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D7C8297-0E65-4659-8049-34401194D0FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58D10DEC-49BC-4226-83CE-0C4B805CD296\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3A67F6-415F-4B0E-AA2B-40286CC492A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B637567-0958-488D-ACCA-E5A61D71433A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9579A4DB-D506-4570-9C40-1CB4BD666A69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09F53D97-D600-4AB1-8898-2491AC8B90A8\"}]}]}],\"references\":[{\"url\":\"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2017-5696

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.

Aliases

CVE-2017-5696

Aliases

CVE-2017-5696

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5696",
    "description": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.",
    "id": "GSD-2017-5696"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5696"
      ],
      "details": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.",
      "id": "GSD-2017-5696",
      "modified": "2023-12-13T01:21:13.905893Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "DATE_PUBLIC": "2018-01-16T00:00:00",
        "ID": "CVE-2017-5696",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel Graphics Driver",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "15.40.x.x"
                        },
                        {
                          "version_value": "15.45.x.x"
                        },
                        {
                          "version_value": "21.20.x.x"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Intel Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Information Disclosure/Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr",
            "refsource": "CONFIRM",
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.14.4352:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.26.4474:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.4.64.4256:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.20.16.4860",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.1.64.4256:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.7.64.4279:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-5696"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-426"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2018-02-07T11:48Z",
      "publishedDate": "2018-01-18T01:29Z"
    }
  }
}

FKIE_CVE-2017-5696

Vulnerability from fkie_nvd - Published: 2018-01-18 01:29 - Updated: 2024-11-21 03:28

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.

References

	URL	Tags
	secure@intel.com	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080&languageid=en-fr	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080&languageid=en-fr	Vendor Advisory

Impacted products

Vendor	Product	Version
intel	graphics_driver	*
intel	graphics_driver	15.40.1.64.4256
intel	graphics_driver	15.40.4.64.4256
intel	graphics_driver	15.40.7.64.4279
intel	graphics_driver	15.40.14.4352
intel	graphics_driver	15.40.26.4474
intel	graphics_driver	15.40.34.4624
intel	graphics_driver	15.40.36.4703
intel	graphics_driver	15.40.37.4835
intel	graphics_driver	15.45.18.4664
intel	graphics_driver	15.45.19.4678
intel	graphics_driver	15.45.21.4821
intel	graphics_driver	15.45.23.4860

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D838FFC-C618-4AC2-B761-0CE558EDEF30",
              "versionEndExcluding": "21.20.16.4860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.1.64.4256:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C2024D-1B35-44CD-8918-3549D92D8B4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.4.64.4256:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A142D12-514E-4B13-A77E-A63D2525A2DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.7.64.4279:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE08572D-F0E3-4F5E-A5E1-D69486E87129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.14.4352:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B59E90-097C-4BF8-BCDE-321C810D1389",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.26.4474:*:*:*:*:*:*:*",
              "matchCriteriaId": "61E584F3-65D0-4D38-ABBB-83C86CDF169D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9DB6338-23B0-4C1D-97C2-345A22EDCFEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D7C8297-0E65-4659-8049-34401194D0FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*",
              "matchCriteriaId": "58D10DEC-49BC-4226-83CE-0C4B805CD296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3A67F6-415F-4B0E-AA2B-40286CC492A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B637567-0958-488D-ACCA-E5A61D71433A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*",
              "matchCriteriaId": "9579A4DB-D506-4570-9C40-1CB4BD666A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F53D97-D600-4AB1-8898-2491AC8B90A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access."
    },
    {
      "lang": "es",
      "value": "Una ruta de b\u00fasqueda no fiable en Intel Graphics Driver 15.40.x.x, 15.45.x.x y 21.20.x.x permite que un usuario sin privilegios eleve sus privilegios mediante acceso local."
    }
  ],
  "id": "CVE-2017-5696",
  "lastModified": "2024-11-21T03:28:14.463",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-01-18T01:29:00.617",
  "references": [
    {
      "source": "secure@intel.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-426"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201801-0827

Vulnerability from variot - Updated: 2023-12-18 12:44

Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access. Intel Graphics drivers contain an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Graphics Driver is an integrated graphics driver developed by Intel Corporation

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201801-0827",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.40.37.4835"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.40.4.64.4256"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.40.34.4624"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.40.26.4474"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.40.7.64.4279"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.40.14.4352"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.40.36.4703"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.45.18.4664"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "intel",
        "version": "15.45.19.4678"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.21.4821"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "21.20.16.4860"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.1.64.4256"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.23.4860"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "15.40.x.x"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "15.45.x.x"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "21.20.x.x"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "15.40.4404"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5696"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.14.4352:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.26.4474:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.4.64.4256:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.20.16.4860",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.1.64.4256:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.7.64.4279:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5696"
      }
    ]
  },
  "cve": "CVE-2017-5696",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2017-5696",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-113899",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-5696",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-5696",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201801-796",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113899",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113899"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5696"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access. Intel Graphics drivers contain an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Graphics Driver is an integrated graphics driver developed by Intel Corporation",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5696"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113899"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5696",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-113899",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113899"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5696"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ]
  },
  "id": "VAR-201801-0827",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113899"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:44:13.421000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00080",
        "trust": 0.8,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00080\u0026languageid=en-fr"
      },
      {
        "title": "Intel Graphics Driver Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77974"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-426",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113899"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5696"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00080\u0026languageid=en-fr"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5696"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5696"
      },
      {
        "trust": 0.1,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00080\u0026amp;languageid=en-fr"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113899"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5696"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-113899"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5696"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-01-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113899"
      },
      {
        "date": "2018-02-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "date": "2018-01-18T01:29:00.617000",
        "db": "NVD",
        "id": "CVE-2017-5696"
      },
      {
        "date": "2018-01-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113899"
      },
      {
        "date": "2018-02-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      },
      {
        "date": "2018-02-07T11:48:20.880000",
        "db": "NVD",
        "id": "CVE-2017-5696"
      },
      {
        "date": "2018-01-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel Unreliable search path vulnerability in graphics driver",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012157"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-796"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2018-03278

Vulnerability from cnvd - Published: 2018-02-13

Title

Intel Graphics Driver不可信的搜索路径漏洞

Description

Intel Graphics Driver是美国英特尔（Intel）公司开发的一款集成显卡驱动程序。 Intel Graphics Driver中存在不可信的搜索路径漏洞。攻击者可借助本地访问权限利用该漏洞提升权限。

Severity

中

Patch Name

Intel Graphics Driver不可信的搜索路径漏洞的补丁

Patch Description

Intel Graphics Driver是美国英特尔（Intel）公司开发的一款集成显卡驱动程序。 Intel Graphics Driver中存在不可信的搜索路径漏洞。攻击者可借助本地访问权限利用该漏洞提升权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080&languageid=en-fr

Reference

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080&languageid=en-fr

Impacted products

Name
['Intel Graphics Driver 15.40..', 'Intel Graphics Driver 15.45..', 'Intel Graphics Driver 21.20..']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5696"
    }
  },
  "description": "Intel Graphics Driver\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u96c6\u6210\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nIntel Graphics Driver\u4e2d\u5b58\u5728\u4e0d\u53ef\u4fe1\u7684\u641c\u7d22\u8def\u5f84\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u672c\u5730\u8bbf\u95ee\u6743\u9650\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
  "discovererName": "Lenovo Group Ltd",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-03278",
  "openTime": "2018-02-13",
  "patchDescription": "Intel Graphics Driver\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u96c6\u6210\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nIntel Graphics Driver\u4e2d\u5b58\u5728\u4e0d\u53ef\u4fe1\u7684\u641c\u7d22\u8def\u5f84\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u672c\u5730\u8bbf\u95ee\u6743\u9650\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel Graphics Driver\u4e0d\u53ef\u4fe1\u7684\u641c\u7d22\u8def\u5f84\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Intel Graphics Driver 15.40.*.*",
      "Intel Graphics Driver 15.45.*.*",
      "Intel Graphics Driver  21.20.*.*"
    ]
  },
  "referenceLink": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr",
  "serverity": "\u4e2d",
  "submitTime": "2018-01-22",
  "title": "Intel Graphics Driver\u4e0d\u53ef\u4fe1\u7684\u641c\u7d22\u8def\u5f84\u6f0f\u6d1e"
}

GHSA-P5GP-PFC7-Q5G2

Vulnerability from github – Published: 2022-05-14 03:46 – Updated: 2022-05-14 03:46

Details

Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.

Severity ?

7.8 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-5696"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-426"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-18T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.",
  "id": "GHSA-p5gp-pfc7-q5g2",
  "modified": "2022-05-14T03:46:10Z",
  "published": "2022-05-14T03:46:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5696"
    },
    {
      "type": "WEB",
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080\u0026languageid=en-fr"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-5696 (GCVE-0-2017-5696)

GSD-2017-5696

FKIE_CVE-2017-5696

VAR-201801-0827

CNVD-2018-03278

GHSA-P5GP-PFC7-Q5G2

Tags

Sightings

Nomenclature