CVE-2022-29500

Опубликовано: 05 мая 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Низкий

Описание

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.

Ссылки

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y6B7OWVNVCJUDE6VDWGCBUWMRCRETAO3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YBI4NFDGGMBKWG4EMSZL5UHATDCLPCQW/
https://lists.schedmd.com/pipermail/slurm-announce/
Mailing List
Vendor Advisory
https://www.debian.org/security/2022/dsa-5166
Third Party Advisory
https://www.schedmd.com/news.php
Mitigation
Vendor Advisory
https://www.schedmd.com/news.php?id=260
Mitigation
Patch
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y6B7OWVNVCJUDE6VDWGCBUWMRCRETAO3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YBI4NFDGGMBKWG4EMSZL5UHATDCLPCQW/
https://lists.schedmd.com/pipermail/slurm-announce/
Mailing List
Vendor Advisory
https://www.debian.org/security/2022/dsa-5166
Third Party Advisory
https://www.schedmd.com/news.php
Mitigation
Vendor Advisory
https://www.schedmd.com/news.php?id=260
Mitigation
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*

Версия до 20.11.9 (исключая)

cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*

Версия от 21.08.0 (включая) до 21.08.08 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01113

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2022-29500

CVSS3: 8.8

ubuntu

почти 4 года назад

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.

CVE-2022-29500

CVSS3: 8.8

debian

почти 4 года назад

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control tha ...

SUSE-RU-2023:4336-1

suse-cvrf

больше 2 лет назад

Recommended update for slurm_23_02

SUSE-RU-2023:4335-1

suse-cvrf

больше 2 лет назад

Recommended update for slurm_23_02

SUSE-RU-2023:4334-1

suse-cvrf

больше 2 лет назад

Recommended update for slurm_23_02

EPSS

Процентиль: 78%

0.01113

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

NVD-CWE-Other