Uncontrolled Search Path Vulnerability in Intel Trace Analyzer and Collector
CVE-2022-26062

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Trace Analyzer And Collector For Intel(r) Oneapi HPc Toolkit
Vendor: CVE Published:; 16 February 2023

Summary

The vulnerability in Intel Trace Analyzer and Collector due to an uncontrolled search path element can allow an authenticated user to potentially escalate privileges through local access. This issue occurs in versions prior to 2021.6 of the Intel oneAPI HPC Toolkit. Users should be aware of this vulnerability and consider updating their software to mitigate risks.

Affected Version(s)

Intel(R) Trace Analyzer and Collector for Intel(R) oneAPI HPC Toolkit before version 2021.6

References

http://www.intel.com/content/www/us/en/security-center/ad...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 16, 2023
Vulnerability Reserved
Mar 9, 2022