Описание
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via SlurmctldParameters=enable_stepmgr in their configuration.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-apps/jammy | needed | |
| esm-apps/noble | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needed | |
| noble | not-affected | code not present |
| oracular | ignored | end of life, was needs-triage |
| plucky | not-affected | code not present |
| questing | not-affected | code not present |
Показывать по
EPSS
5 Medium
CVSS3
Связанные уязвимости
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via SlurmctldParameters=enable_stepmgr in their configuration.
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in ...
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via SlurmctldParameters=enable_stepmgr in their configuration.
EPSS
5 Medium
CVSS3