Buffer overflow in Intel Oneapi_hpc_toolkit
CVE-2023-23580
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.
Vulnerability class: Buffer Overflow
EPSS: 0.002 (9.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.8 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L.
Affected products
- Intel Oneapi_hpc_toolkit
- Intel Trace_analyzer_and_collector
- N/a Intel(r) Trace Analyzer And Collector Software — versions before version 2021.8.0 published Dec 2022
Weakness classification (CWE)
References
- secure@intel.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2023-23580?
- CVE-2023-23580 is a medium-severity vulnerability in Intel Oneapi_hpc_toolkit, classified under Stack-based Buffer Overflow. CVSS score: 4.8/10. Published 2023-05-10.
- How severe is CVE-2023-23580?
- Medium severity. CVSS v3 base score is 4.8 out of 10.