CVSS: 9.0EPSS: 1%CPEs: 6EXPL: 0CVE-2022-29500 – Ubuntu Security Notice USN-6458-1
https://notcve.org/view.php?id=CVE-2022-29500
05 May 2022 — SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. SchedMD Slurm versiones 21.08.x hasta 20.11.x, presenta un Control de Acceso Incorrecto que conlleva a una Divulgación de Información It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. It was discovered that Slurm did n... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH •
CVSS: 9.0EPSS: 1%CPEs: 6EXPL: 0CVE-2022-29501 – Ubuntu Security Notice USN-6458-1
https://notcve.org/view.php?id=CVE-2022-29501
05 May 2022 — SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. SchedMD Slurm versiones 21.08.x hasta 20.11.x , presenta un Control de Acceso Incorrecto que conlleva a una Escalada de Privilegios y ejecución de código It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31215 – Ubuntu Security Notice USN-4781-2
https://notcve.org/view.php?id=CVE-2021-31215
13 May 2021 — SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling. SchedMD Slurm versiones anteriores a 20.02.7 y versiones 20.03.xa 20.11.x anteriores a 20.11.7, permite una ejecución de código remota como SlurmUser porque el uso de un script PrologSlurmctld o EpilogSlurmctld conlleva a un manejo inapropiado del entorno USN-4781-1 fixed several vulnerabilities in Slurm... • https://lists.debian.org/debian-lts-announce/2022/01/msg00011.html •