← Zuruck zu CVEs
CVE-2021-43337
MEDIUM6.5
Beschreibung
SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access.
CVE Details
CVSS v3.1 Bewertung6.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht11/17/2021
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
fedoraproject:fedoraschedmd:slurm
Referenzen
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VY34WSSPRPA6MISNYBZWHSGX2SYSEEE/(cve@mitre.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DUWNGDQTS7AWFI7FIHUWQOYJSD2IQTCG/(cve@mitre.org)
https://lists.schedmd.com/pipermail/slurm-announce/(cve@mitre.org)
https://www.schedmd.com/news.php(cve@mitre.org)
https://www.schedmd.com/news.php?id=256(cve@mitre.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VY34WSSPRPA6MISNYBZWHSGX2SYSEEE/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DUWNGDQTS7AWFI7FIHUWQOYJSD2IQTCG/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.schedmd.com/pipermail/slurm-announce/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.schedmd.com/pipermail/slurm-announce/2021/000068.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.schedmd.com/news.php(af854a3a-2127-422b-91ae-364da2661108)
https://www.schedmd.com/news.php?id=256(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.