cve-2016-10030
Vulnerability from cvelistv5
Published
2017-01-05 11:00
Modified
2024-08-06 03:07
Severity ?
Summary
The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on the system. Any exploitation of this is dependent on the user being able to cause or anticipate the failure (non-zero return code) of a Prolog script that their job would run on. This issue affects all Slurm versions from 0.6.0 (September 2005) to present. Workarounds to prevent exploitation of this are to either disable your Prolog script, or modify it such that it always returns 0 ("success") and adjust it to set the node as down using scontrol instead of relying on the slurmd to handle that automatically. If you do not have a Prolog set you are unaffected by this issue.
References
cve@mitre.orghttp://www.securityfocus.com/bid/95299
cve@mitre.orghttps://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120eePatch, Vendor Advisory
cve@mitre.orghttps://www.schedmd.com/news.php?id=178Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/95299
af854a3a-2127-422b-91ae-364da2661108https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120eePatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.schedmd.com/news.php?id=178Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:31.955Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee"
          },
          {
            "name": "95299",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95299"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schedmd.com/news.php?id=178"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on the system. Any exploitation of this is dependent on the user being able to cause or anticipate the failure (non-zero return code) of a Prolog script that their job would run on. This issue affects all Slurm versions from 0.6.0 (September 2005) to present. Workarounds to prevent exploitation of this are to either disable your Prolog script, or modify it such that it always returns 0 (\"success\") and adjust it to set the node as down using scontrol instead of relying on the slurmd to handle that automatically. If you do not have a Prolog set you are unaffected by this issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-09T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee"
        },
        {
          "name": "95299",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95299"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schedmd.com/news.php?id=178"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10030",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on the system. Any exploitation of this is dependent on the user being able to cause or anticipate the failure (non-zero return code) of a Prolog script that their job would run on. This issue affects all Slurm versions from 0.6.0 (September 2005) to present. Workarounds to prevent exploitation of this are to either disable your Prolog script, or modify it such that it always returns 0 (\"success\") and adjust it to set the node as down using scontrol instead of relying on the slurmd to handle that automatically. If you do not have a Prolog set you are unaffected by this issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee",
              "refsource": "CONFIRM",
              "url": "https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee"
            },
            {
              "name": "95299",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95299"
            },
            {
              "name": "https://www.schedmd.com/news.php?id=178",
              "refsource": "CONFIRM",
              "url": "https://www.schedmd.com/news.php?id=178"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10030",
    "datePublished": "2017-01-05T11:00:00",
    "dateReserved": "2016-12-22T00:00:00",
    "dateUpdated": "2024-08-06T03:07:31.955Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"15.08.12\", \"matchCriteriaId\": \"E0909E51-4336-4389-93EA-0B2F5497F572\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CF0BB7E-6A58-44F1-B256-050B994337C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.0:pre1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC0DE382-132A-4368-A5EE-E4C41356DFDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.0:pre2:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE5FDB9D-001B-40E0-A03C-FC6DC613A9AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"91FFABC7-8770-4D73-901F-5DB67FE038FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7744D1CC-1C6A-48E3-9CEB-EC2F4ACCF5A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D0908F7-FB4C-430A-A710-8436F02FCFEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F7F64E-CB09-440E-A54B-DDC7BBB0B3BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"985B2E2F-6215-4B7A-B6DD-3D1814E1F015\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E18A9C0-A73F-4BAA-A7FF-9B2B30C61224\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BE93BD8-C330-4504-B44A-C727D71D7EC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:16.05.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A05FDEE-FE60-45C0-8AA8-277DADF87926\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:17.02.0:pre1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2D03B41-F9D6-41EB-AEE7-B2673BECA338\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:17.02.0:pre2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2DD1E41-DE4C-4C0A-ABBD-3360AF9DECFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schedmd:slurm:17.02.0:pre3:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE470D55-EB72-4C0E-BA6F-A7D9A5B34C13\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on the system. Any exploitation of this is dependent on the user being able to cause or anticipate the failure (non-zero return code) of a Prolog script that their job would run on. This issue affects all Slurm versions from 0.6.0 (September 2005) to present. Workarounds to prevent exploitation of this are to either disable your Prolog script, or modify it such that it always returns 0 (\\\"success\\\") and adjust it to set the node as down using scontrol instead of relying on the slurmd to handle that automatically. If you do not have a Prolog set you are unaffected by this issue.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n _prolog_error en slurmd/req.c en Slurm en versiones anteriores a 15.08.13, 16.x en versiones anteriores a 16.05.7 y 17.x en versiones anteriores a 17.02.0-pre4 tiene una vulnerabilidad en como el slurmd daemon informa a los usuarios de un fallo Prolog en un nodo de c\\u00e1lculo. Esta vulnerabilidad podr\\u00eda permitir a un usuario asumir el control de un archivo arbitrario en el sistema. Cualquier explotaci\\u00f3n de esto depende de que el usuario pueda provocar o anticipar el fallo (c\\u00f3digo de retorno distinto de cero) de una secuencia de comandos Prolog que ejecutar\\u00eda su trabajo. Este problema afecta a todas las versiones de Slurm desde la 0.6.0 (septiembre de 2005) hasta el presente. Las soluciones para evitar la explotaci\\u00f3n de esto son para deshabilitar su secuencia de comandos Prolog, o modificarlo de tal manera que siempre devuelva 0 (\\\"\\u00e9xito\\\") y ajustarlo para establecer el nodo como ca\\u00eddo utilizando scontrol en lugar de confiar en slurmd para manejarlo autom\\u00e1ticamente. Si no tiene un conjunto Prolog, no se ver\\u00e1 afectado por este problema.\"}]",
      "id": "CVE-2016-10030",
      "lastModified": "2024-11-21T02:43:07.207",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 4.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-01-05T11:59:00.133",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/95299\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.schedmd.com/news.php?id=178\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/95299\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.schedmd.com/news.php?id=178\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-10030\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-01-05T11:59:00.133\",\"lastModified\":\"2024-11-21T02:43:07.207\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on the system. Any exploitation of this is dependent on the user being able to cause or anticipate the failure (non-zero return code) of a Prolog script that their job would run on. This issue affects all Slurm versions from 0.6.0 (September 2005) to present. Workarounds to prevent exploitation of this are to either disable your Prolog script, or modify it such that it always returns 0 (\\\"success\\\") and adjust it to set the node as down using scontrol instead of relying on the slurmd to handle that automatically. If you do not have a Prolog set you are unaffected by this issue.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n _prolog_error en slurmd/req.c en Slurm en versiones anteriores a 15.08.13, 16.x en versiones anteriores a 16.05.7 y 17.x en versiones anteriores a 17.02.0-pre4 tiene una vulnerabilidad en como el slurmd daemon informa a los usuarios de un fallo Prolog en un nodo de c\u00e1lculo. Esta vulnerabilidad podr\u00eda permitir a un usuario asumir el control de un archivo arbitrario en el sistema. Cualquier explotaci\u00f3n de esto depende de que el usuario pueda provocar o anticipar el fallo (c\u00f3digo de retorno distinto de cero) de una secuencia de comandos Prolog que ejecutar\u00eda su trabajo. Este problema afecta a todas las versiones de Slurm desde la 0.6.0 (septiembre de 2005) hasta el presente. Las soluciones para evitar la explotaci\u00f3n de esto son para deshabilitar su secuencia de comandos Prolog, o modificarlo de tal manera que siempre devuelva 0 (\\\"\u00e9xito\\\") y ajustarlo para establecer el nodo como ca\u00eddo utilizando scontrol en lugar de confiar en slurmd para manejarlo autom\u00e1ticamente. Si no tiene un conjunto Prolog, no se ver\u00e1 afectado por este problema.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":7.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":4.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"15.08.12\",\"matchCriteriaId\":\"E0909E51-4336-4389-93EA-0B2F5497F572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CF0BB7E-6A58-44F1-B256-050B994337C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.0:pre1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC0DE382-132A-4368-A5EE-E4C41356DFDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.0:pre2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE5FDB9D-001B-40E0-A03C-FC6DC613A9AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"91FFABC7-8770-4D73-901F-5DB67FE038FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7744D1CC-1C6A-48E3-9CEB-EC2F4ACCF5A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D0908F7-FB4C-430A-A710-8436F02FCFEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F7F64E-CB09-440E-A54B-DDC7BBB0B3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"985B2E2F-6215-4B7A-B6DD-3D1814E1F015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E18A9C0-A73F-4BAA-A7FF-9B2B30C61224\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BE93BD8-C330-4504-B44A-C727D71D7EC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:16.05.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A05FDEE-FE60-45C0-8AA8-277DADF87926\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:17.02.0:pre1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2D03B41-F9D6-41EB-AEE7-B2673BECA338\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:17.02.0:pre2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2DD1E41-DE4C-4C0A-ABBD-3360AF9DECFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schedmd:slurm:17.02.0:pre3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE470D55-EB72-4C0E-BA6F-A7D9A5B34C13\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/95299\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.schedmd.com/news.php?id=178\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95299\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/SchedMD/slurm/commit/92362a92fffe60187df61f99ab11c249d44120ee\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.schedmd.com/news.php?id=178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.