Details of VAR-201801-0827

ID

VAR-201801-0827

CVE

CVE-2017-5696

TITLE

Intel Unreliable search path vulnerability in graphics driver

Trust: 0.8

sources: JVNDB: JVNDB-2017-012157

DESCRIPTION

Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access. Intel Graphics drivers contain an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Graphics Driver is an integrated graphics driver developed by Intel Corporation

Trust: 1.71

sources: NVD: CVE-2017-5696 // JVNDB: JVNDB-2017-012157 // VULHUB: VHN-113899

AFFECTED PRODUCTS

vendor:	intel	model:	graphics driver	scope:	eq	version:	15.45.18.4664	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.45.19.4678	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.37.4835	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.7.64.4279	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.26.4474	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.4.64.4256	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.36.4703	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.14.4352	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.34.4624	Trust: 1.6
vendor:	intel	model:	graphics driver	scope:	lt	version:	21.20.16.4860	Trust: 1.0
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.45.23.4860	Trust: 1.0
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.45.21.4821	Trust: 1.0
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.1.64.4256	Trust: 1.0
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.x.x	Trust: 0.8
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.45.x.x	Trust: 0.8
vendor:	intel	model:	graphics driver	scope:	eq	version:	21.20.x.x	Trust: 0.8
vendor:	intel	model:	graphics driver	scope:	eq	version:	15.40.4404	Trust: 0.6

sources: JVNDB: JVNDB-2017-012157 // CNNVD: CNNVD-201801-796 // NVD: CVE-2017-5696

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-5696
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-5696
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201801-796
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-113899
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-5696
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-113899
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-5696
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-113899 // JVNDB: JVNDB-2017-012157 // CNNVD: CNNVD-201801-796 // NVD: CVE-2017-5696

PROBLEMTYPE DATA

problemtype:

CWE-426

Trust: 1.9

sources: VULHUB: VHN-113899 // JVNDB: JVNDB-2017-012157 // NVD: CVE-2017-5696

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201801-796

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201801-796

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-012157

PATCH

title:	INTEL-SA-00080	url:	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080&languageid=en-fr	Trust: 0.8
title:	Intel Graphics Driver Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77974	Trust: 0.6

sources: JVNDB: JVNDB-2017-012157 // CNNVD: CNNVD-201801-796

EXTERNAL IDS

db:	NVD	id:	CVE-2017-5696	Trust: 2.5
db:	JVNDB	id:	JVNDB-2017-012157	Trust: 0.8
db:	CNNVD	id:	CNNVD-201801-796	Trust: 0.7
db:	VULHUB	id:	VHN-113899	Trust: 0.1

sources: VULHUB: VHN-113899 // JVNDB: JVNDB-2017-012157 // CNNVD: CNNVD-201801-796 // NVD: CVE-2017-5696

REFERENCES

url:	https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00080&languageid=en-fr	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5696	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-5696	Trust: 0.8
url:	https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00080&languageid=en-fr	Trust: 0.1

sources: VULHUB: VHN-113899 // JVNDB: JVNDB-2017-012157 // CNNVD: CNNVD-201801-796 // NVD: CVE-2017-5696

SOURCES

db:	VULHUB	id:	VHN-113899
db:	JVNDB	id:	JVNDB-2017-012157
db:	CNNVD	id:	CNNVD-201801-796
db:	NVD	id:	CVE-2017-5696

LAST UPDATE DATE

2024-11-23T22:38:17.605000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-113899	date:	2018-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2017-012157	date:	2018-02-22T00:00:00
db:	CNNVD	id:	CNNVD-201801-796	date:	2018-01-19T00:00:00
db:	NVD	id:	CVE-2017-5696	date:	2024-11-21T03:28:14.463

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-113899	date:	2018-01-18T00:00:00
db:	JVNDB	id:	JVNDB-2017-012157	date:	2018-02-22T00:00:00
db:	CNNVD	id:	CNNVD-201801-796	date:	2018-01-19T00:00:00
db:	NVD	id:	CVE-2017-5696	date:	2018-01-18T01:29:00.617