Описание
apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912.
Уязвимые конфигурации
Конфигурация 1Версия до 4.2 (включая)
Одно из
cpe:2.3:o:cray:cray_linux_environment:*:*:*:*:*:*:*:*
cpe:2.3:o:cray:cray_linux_environment:5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00045
Низкий
7.2 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912.
EPSS
Процентиль: 14%
0.00045
Низкий
7.2 High
CVSS2
Дефекты
CWE-20