CVE-2023-49938
HIGH
8,2
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: low
Availability: none
Description
AI Translation Available
An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.02.7.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0020
Percentile
0,4th
Updated
EPSS Score Trend (Last 90 Days)
Application
Slurm by Schedmd
Version Range Affected
From
23.02.0
(inclusive)
To
23.02.7
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Slurm by Schedmd
Version Range Affected
From
22.05.0
(inclusive)
To
22.05.11
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/[email protected]…
https://lists.fedoraproject.org/archives/list/[email protected]…
https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html
https://www.schedmd.com/security-archive.php
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html
https://www.schedmd.com/security-archive.php