CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-29500 – Ubuntu Security Notice USN-6458-1
https://notcve.org/view.php?id=CVE-2022-29500
05 May 2022 — SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. SchedMD Slurm versiones 21.08.x hasta 20.11.x, presenta un Control de Acceso Incorrecto que conlleva a una Divulgación de Información It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. It was discovered that Slurm did n... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH •
CVSS: 9.0EPSS: 1%CPEs: 6EXPL: 0CVE-2022-29501 – Ubuntu Security Notice USN-6458-1
https://notcve.org/view.php?id=CVE-2022-29501
05 May 2022 — SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. SchedMD Slurm versiones 21.08.x hasta 20.11.x , presenta un Control de Acceso Incorrecto que conlleva a una Escalada de Privilegios y ejecución de código It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-29502 – Ubuntu Security Notice USN-6458-1
https://notcve.org/view.php?id=CVE-2022-29502
05 May 2022 — SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. SchedMD Slurm versiones 21.08.x hasta 20.11.x, presenta un Control de Acceso Incorrecto que conlleva a una Escalada de Privilegios It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. It was discovered that Slurm did no... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-43337
https://notcve.org/view.php?id=CVE-2021-43337
17 Nov 2021 — SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access. SchedMD Slurm versiones 21.08.* anteriores a 21.08.4, presenta un Control de Acceso Incorrecto. En los sitios que usan las nuevas opciones AccountingStoreFlags=job_script y/o job_env, las reglas de control de acceso en SlurmDBD p... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VY34WSSPRPA6MISNYBZWHSGX2SYSEEE •