Lucene search
K

83 matches found

OSV
OSV
added 2022/06/24 3:15 p.m.3 views

CVE-2022-28620

A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware...

9.8CVSS5.8AI score0.01455EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/24 3:15 p.m.10 views

CVE-2022-28620

A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware...

9.8CVSS7.2AI score0.01455EPSS
Exploits0References2
Prion
Prion
added 2022/06/24 3:15 p.m.17 views

Authentication flaw

A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware...

7.5CVSS9.4AI score0.01455EPSS
Exploits0References1Affected Software5
Cvelist
Cvelist
added 2022/06/24 3:0 p.m.17 views

CVE-2022-28620

A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware...

9.7AI score0.01455EPSS
Exploits0References1
CVE
CVE
added 2022/06/24 3:0 p.m.67 views

CVE-2022-28620

CVE-2022-28620 is a remote authentication bypass affecting HPE Cray Legacy Shasta System Solutions, HPE Slingshot, and HPE Cray EX supercomputers. Affected firmware/versions include: node controller firmware for HPE Cray EX liquid-cooled blades; chassis controller firmware in HPE Cray EX liquid-c...

9.8CVSS9.4AI score0.01455EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/24 12:0 a.m.5 views

PT-2022-19108 · Hewlett Packard · Hpe Cray Ex Supercomputers +2

Name of the Vulnerable Software and Affected Versions: HPE Cray Legacy Shasta System Solutions versions prior to node controller firmware associated with HPE Cray EX liquid cooled blades HPE Slingshot versions prior to 1.7.2 HPE Cray EX supercomputers versions prior to 1.6.27/1.5.33/1.4.27...

9.8CVSS9.5AI score0.01455EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/06/24 12:0 a.m.6 views

HPE Cray Legacy Shasta 授权问题漏洞

HPE Cray Legacy Shasta is a supercomputer from Wise and Technology HPE. It can handle the new large-scale convergent modeling that is currently available. A security vulnerability exists in the HPE Cray Legacy Shasta that can be remotely exploited by an attacker to allow bypassing authentication,...

9.8CVSS8.2AI score0.01455EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.19 views

openSUSE Security Update : slurm (openSUSE-2019-521)

This update for slurm to version 17.11.7 fixes the following issues : This security issue was fixed : - CVE-2018-10995: Ensure correct handling of user names and group ids bsc1095508. These non-security issues were fixed : - CRAY - Add slurmsmwd to the contribs/cray dir - PMIX - Added the direct...

5.3CVSS7.1AI score0.01739EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.26 views

SUSE SLES12 Security Update : slurm (SUSE-SU-2017:3311-1)

This update for slurm fixes the following issues: Slurm was updated to 17.02.9 to fix a security bug, bringing new features and bugfixes fate323998 bsc1067580. Security issue fixed : - CVE-2017-15566: Fix security issue in Prolog and Epilog by always prepending SPANK to all user-set environment...

7.8CVSS7.5AI score0.00578EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/07/16 12:0 a.m.28 views

openSUSE Security Update : slurm (openSUSE-2018-729)

This update for slurm to version 17.11.7 fixes the following issues : This security issue was fixed : - CVE-2018-10995: Ensure correct handling of user names and group ids bsc1095508. These non-security issues were fixed : - CRAY - Add slurmsmwd to the contribs/cray dir - PMIX - Added the direct...

5.3CVSS7.1AI score0.01739EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2018/07/14 12:8 a.m.61 views

Security update for slurm (moderate)

This update for slurm to version 17.11.7 fixes the following issues: This security issue was fixed: - CVE-2018-10995: Ensure correct handling of user names and group ids bsc1095508. These non-security issues were fixed: - CRAY - Add slurmsmwd to the contribs/cray dir - PMIX - Added the direct...

0.7AI score0.01739EPSS
Exploits0References2
NVD
NVD
added 2014/12/27 2:59 a.m.26 views

CVE-2014-0748

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912...

7.2CVSS6.5AI score0.00336EPSS
Exploits1References1
Prion
Prion
added 2014/12/27 2:59 a.m.14 views

Code injection

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912...

7.2CVSS7.1AI score0.00336EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/12/27 2:0 a.m.33 views

CVE-2014-0748

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912...

6.5AI score0.00336EPSS
Exploits1References1
CVE
CVE
added 2014/12/27 2:0 a.m.44 views

CVE-2014-0748

CVE-2014-0748 affects Cray Aprun/Apinit on Cray supercomputers. The issue arises from the apinit service not validating the UID in launch messages received via aprun against the ALPS-authenticated UID, allowing a local user to escalate privileges to root on a compute node. Affected versions were ...

7.2CVSS6.7AI score0.00336EPSS
Exploits1References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Cray UNICOS /usr/bin/script Command Line Argument Local Overflow

No description provided by source. source: http://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities with setuid-superuser privileges...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Cray UNICOS /etc/nu -c Option Filename Processing Local Overflow

No description provided by source. source: http://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities with setuid-superuser privileges...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.54 views

Cray supercomputers privilege escalation

root privileges escalation via aprun/apinit...

7.2CVSS5.1AI score0.00336EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.47 views

[mwrlabs advisory][CVE-2014-0748] Cray Aprun/Apinit Privilege Escalation

Cray Aprun/Apinit Privilege Escalation ====================================== MWR have identified a vulnerability which allows users to escalate their privileges to root on Cray supercomputers. This advisory details the vulnerability and the patches which Cray customers can apply in order to...

7.2CVSS0.8AI score0.00336EPSS
Exploits1
Packet Storm
Packet Storm
added 2014/02/11 12:0 a.m.45 views

Cray Aprun / Apinit Privilege Escalation

Cray Aprun/Apinit Privilege Escalation ====================================== MWR have identified a vulnerability which allows users to escalate their privileges to root on Cray supercomputers. This advisory details the vulnerability and the patches which Cray customers can apply in order to...

7.2CVSS0.6AI score0.00336EPSS
Exploits1
Rows per page
Query Builder