Lucene search

[email protected]NVD:CVE-2018-10995

HistoryMay 30, 2018 - 8:29 p.m.

CVE-2018-10995

2018-05-3020:29:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

7.2

Confidence

High

EPSS

0.002

Percentile

56.2%

JSON

SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).

Affected configurations

Nvd

Node

schedmdslurmRange≤17.02.10.1

schedmdslurmMatch17.11.0.0pre1

schedmdslurmMatch17.11.0.0pre2

schedmdslurmMatch17.11.0.0rc1

schedmdslurmMatch17.11.0.0rc2

schedmdslurmMatch17.11.0.0rc3

schedmdslurmMatch17.11.0.1

schedmdslurmMatch17.11.1.1

schedmdslurmMatch17.11.1.2

schedmdslurmMatch17.11.2.1

schedmdslurmMatch17.11.3.1

schedmdslurmMatch17.11.3.2

schedmdslurmMatch17.11.4.1

schedmdslurmMatch17.11.5.1

schedmdslurmMatch17.11.6.1

Node

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

VendorProductVersionCPE
schedmdslurm*cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*
schedmdslurm17.11.0.0cpe:2.3:a:schedmd:slurm:17.11.0.0:pre1:*:*:*:*:*:*
schedmdslurm17.11.0.0cpe:2.3:a:schedmd:slurm:17.11.0.0:pre2:*:*:*:*:*:*
schedmdslurm17.11.0.0cpe:2.3:a:schedmd:slurm:17.11.0.0:rc1:*:*:*:*:*:*
schedmdslurm17.11.0.0cpe:2.3:a:schedmd:slurm:17.11.0.0:rc2:*:*:*:*:*:*
schedmdslurm17.11.0.0cpe:2.3:a:schedmd:slurm:17.11.0.0:rc3:*:*:*:*:*:*
schedmdslurm17.11.0.1cpe:2.3:a:schedmd:slurm:17.11.0.1:*:*:*:*:*:*:*
schedmdslurm17.11.1.1cpe:2.3:a:schedmd:slurm:17.11.1.1:*:*:*:*:*:*:*
schedmdslurm17.11.1.2cpe:2.3:a:schedmd:slurm:17.11.1.2:*:*:*:*:*:*:*
schedmdslurm17.11.2.1cpe:2.3:a:schedmd:slurm:17.11.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
schedmd	slurm	*	cpe:2.3:a:schedmd:slurm::::::::
schedmd	slurm	17.11.0.0	cpe:2.3:a:schedmd:slurm:17.11.0.0:pre1::::::
schedmd	slurm	17.11.0.0	cpe:2.3:a:schedmd:slurm:17.11.0.0:pre2::::::
schedmd	slurm	17.11.0.0	cpe:2.3:a:schedmd:slurm:17.11.0.0:rc1::::::
schedmd	slurm	17.11.0.0	cpe:2.3:a:schedmd:slurm:17.11.0.0:rc2::::::
schedmd	slurm	17.11.0.0	cpe:2.3:a:schedmd:slurm:17.11.0.0:rc3::::::
schedmd	slurm	17.11.0.1	cpe:2.3:a:schedmd:slurm:17.11.0.1:::::::*
schedmd	slurm	17.11.1.1	cpe:2.3:a:schedmd:slurm:17.11.1.1:::::::*
schedmd	slurm	17.11.1.2	cpe:2.3:a:schedmd:slurm:17.11.1.2:::::::*
schedmd	slurm	17.11.2.1	cpe:2.3:a:schedmd:slurm:17.11.2.1:::::::*