N/A

Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

N/A

Intel Neural Compressor SQL注入漏洞

Intel Neural Compressor是美国英特尔（Intel）公司的一款开源项目，旨在帮助开发者轻松实现AI模型的优化。 Intel Neural Compressor v3.0之前版本存在SQL注入漏洞，该漏洞源于对 SQL 命令中使用的特殊元素不当中和。攻击者利用该漏洞可以提升权限。

N/A

N/A