Vulnerability Details CVE-2019-12838
SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.046
EPSS Ranking 88.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00038.html
- https://lists.debian.org/debian-lts-announce/2020/03/msg00016.html
- https://lists.debian.org/debian-lts-announce/2022/01/msg00011.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2O47F72FWMYLEGF35QGNYY5VS33SUQS5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQ6EV3OWKGMTBWCSXZGS4MYADUBLVXSQ/
- https://lists.schedmd.com/pipermail/slurm-announce/2019/
- https://lists.schedmd.com/pipermail/slurm-announce/2019/000025.html
- https://seclists.org/bugtraq/2019/Nov/30
- https://www.debian.org/security/2019/dsa-4572
- https://www.schedmd.com/news.php
- https://www.schedmd.com/news.php?id=218
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00038.html
- https://lists.debian.org/debian-lts-announce/2020/03/msg00016.html
- https://lists.debian.org/debian-lts-announce/2022/01/msg00011.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2O47F72FWMYLEGF35QGNYY5VS33SUQS5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQ6EV3OWKGMTBWCSXZGS4MYADUBLVXSQ/
- https://lists.schedmd.com/pipermail/slurm-announce/2019/
- https://lists.schedmd.com/pipermail/slurm-announce/2019/000025.html
- https://seclists.org/bugtraq/2019/Nov/30
- https://www.debian.org/security/2019/dsa-4572
- https://www.schedmd.com/news.php
- https://www.schedmd.com/news.php?id=218
Products affected by CVE-2019-12838
-
cpe:2.3:a:schedmd:slurm:17.11.0.1
-
cpe:2.3:a:schedmd:slurm:17.11.1
-
cpe:2.3:a:schedmd:slurm:17.11.1.1
-
cpe:2.3:a:schedmd:slurm:17.11.1.2
-
cpe:2.3:a:schedmd:slurm:17.11.10
-
cpe:2.3:a:schedmd:slurm:17.11.10.1
-
cpe:2.3:a:schedmd:slurm:17.11.11
-
cpe:2.3:a:schedmd:slurm:17.11.11.1
-
cpe:2.3:a:schedmd:slurm:17.11.12
-
cpe:2.3:a:schedmd:slurm:17.11.12.1
-
cpe:2.3:a:schedmd:slurm:17.11.13
-
cpe:2.3:a:schedmd:slurm:17.11.13.1
-
cpe:2.3:a:schedmd:slurm:17.11.13.2
-
cpe:2.3:a:schedmd:slurm:17.11.2
-
cpe:2.3:a:schedmd:slurm:17.11.2.1
-
cpe:2.3:a:schedmd:slurm:17.11.3
-
cpe:2.3:a:schedmd:slurm:17.11.3.1
-
cpe:2.3:a:schedmd:slurm:17.11.3.2
-
cpe:2.3:a:schedmd:slurm:17.11.4
-
cpe:2.3:a:schedmd:slurm:17.11.4.1
-
cpe:2.3:a:schedmd:slurm:17.11.5.0
-
cpe:2.3:a:schedmd:slurm:17.11.5.1
-
cpe:2.3:a:schedmd:slurm:17.11.6
-
cpe:2.3:a:schedmd:slurm:17.11.6.1
-
cpe:2.3:a:schedmd:slurm:17.11.7
-
cpe:2.3:a:schedmd:slurm:17.11.7.1
-
cpe:2.3:a:schedmd:slurm:17.11.8
-
cpe:2.3:a:schedmd:slurm:17.11.8.1
-
cpe:2.3:a:schedmd:slurm:17.11.9
-
cpe:2.3:a:schedmd:slurm:17.11.9-2
-
cpe:2.3:a:schedmd:slurm:17.11.9.1
-
cpe:2.3:a:schedmd:slurm:17.11.9.2
-
cpe:2.3:a:schedmd:slurm:18.08.0-0
-
cpe:2.3:a:schedmd:slurm:18.08.0.0
-
cpe:2.3:a:schedmd:slurm:18.08.0.1
-
cpe:2.3:a:schedmd:slurm:18.08.1
-
cpe:2.3:a:schedmd:slurm:18.08.1.1
-
cpe:2.3:a:schedmd:slurm:18.08.2
-
cpe:2.3:a:schedmd:slurm:18.08.2.1
-
cpe:2.3:a:schedmd:slurm:18.08.3
-
cpe:2.3:a:schedmd:slurm:18.08.3.1
-
cpe:2.3:a:schedmd:slurm:18.08.4
-
cpe:2.3:a:schedmd:slurm:18.08.4.1
-
cpe:2.3:a:schedmd:slurm:18.08.5
-
cpe:2.3:a:schedmd:slurm:18.08.5.1
-
cpe:2.3:a:schedmd:slurm:18.08.5.2
-
cpe:2.3:a:schedmd:slurm:18.08.6
-
cpe:2.3:a:schedmd:slurm:18.08.6.1
-
cpe:2.3:a:schedmd:slurm:18.08.6.2
-
cpe:2.3:a:schedmd:slurm:18.08.7
-
cpe:2.3:a:schedmd:slurm:19.05.0
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:fedoraproject:fedora:29
-
cpe:2.3:o:fedoraproject:fedora:30
-
cpe:2.3:o:opensuse:leap:15.0
-
cpe:2.3:o:opensuse:leap:15.1