{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-27505", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "dateReserved": "2023-03-02T04:00:03.085Z", "datePublished": "2023-08-11T02:37:10.914Z", "dateUpdated": "2024-10-10T15:14:17.018Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2023-08-11T02:37:10.914Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "escalation of privilege"}, {"lang": "en", "description": "Incorrect default permissions", "cweId": "CWE-276", "type": "CWE"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) Advanced Link Analyzer Standard Edition software installers", "versions": [{"version": "before version 22.1 .1", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access."}], "references": [{"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html", "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:16:35.583Z"}, "title": "CVE Program Container", "references": [{"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html", "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-10T15:13:46.312070Z", "id": "CVE-2023-27505", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-10T15:14:17.018Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html", "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:16:35.583Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-27505", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-10T15:13:46.312070Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-10T15:14:12.554Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) Advanced Link Analyzer Standard Edition software installers", "versions": [{"status": "affected", "version": "before version 22.1 .1"}], "defaultStatus": "unaffected"}], "references": [{"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html", "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html"}], "descriptions": [{"lang": "en", "value": "Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "escalation of privilege"}, {"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "Incorrect default permissions"}]}], "providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2023-08-11T02:37:10.914Z"}}}, "cveMetadata": {"cveId": "CVE-2023-27505", "state": "PUBLISHED", "dateUpdated": "2024-10-10T15:14:17.018Z", "dateReserved": "2023-03-02T04:00:03.085Z", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "datePublished": "2023-08-11T02:37:10.914Z", "assignerShortName": "intel"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:advanced_link_analyzer:*:*:*:*:standard:*:*:*", "matchCriteriaId": "F5AF8CB8-F5F9-4D15-985B-B68CD4491EAA", "versionEndExcluding": "22.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access."}], "id": "CVE-2023-27505", "lastModified": "2024-11-21T07:53:02.737", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "secure@intel.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-11T03:15:23.650", "references": [{"source": "secure@intel.com", "tags": ["Vendor Advisory"], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "secure@intel.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-276"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}