Lucene search

K
nvd[email protected]NVD:CVE-2022-29501
HistoryMay 05, 2022 - 5:15 p.m.

CVE-2022-29501

2022-05-0517:15:15
web.nvd.nist.gov
schedmd slurm 21.08.x
20.11.x
incorrect access control
escalation of privileges
code execution

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

55.9%

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.

Affected configurations

NVD
Node
schedmdslurmRange<20.11.9
OR
schedmdslurmRange21.08.021.08.08
Node
fedoraprojectfedoraMatch34
OR
fedoraprojectfedoraMatch35
OR
fedoraprojectfedoraMatch36
Node
debiandebian_linuxMatch11.0

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

55.9%