Shodan
Vulnerabilities
Vulnerable Software
Schedmd:  >> Slurm  >> 1.0.9.1  Security Vulnerabilities
CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via SlurmctldParameters=enable_stepmgr in their configuration.
CVSS Score
5.0
EPSS Score
0.001
Published
2024-10-28
CVE-2022-29500
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
CVSS Score
8.8
EPSS Score
0.01
Published
2022-05-05
CVE-2022-29501
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
CVSS Score
8.8
EPSS Score
0.013
Published
2022-05-05
CVE-2021-31215
SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.
CVSS Score
8.8
EPSS Score
0.007
Published
2021-05-13
CVE-2020-27746
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
CVSS Score
3.7
EPSS Score
0.003
Published
2020-11-27
CVE-2020-27745
Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.
CVSS Score
9.8
EPSS Score
0.008
Published
2020-11-27
CVE-2019-19727
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions.
CVSS Score
5.5
EPSS Score
0.0
Published
2020-01-13
CVE-2019-19728
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-01-13
CVE-2018-10995
SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
CVSS Score
5.3
EPSS Score
0.005
Published
2018-05-30
CVE-2018-7033
SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-03-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved