CVE-2024-48936

28 Oct 2024

Jose Alexis Correa Valencia
0 Comentarios

Título es

CVE-2024-48936

Lun, 28/10/2024 – 04:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-48936

Descripción en

SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with –stepmgr, or on systems that have globally enabled stepmgr via SlurmctldParameters=enable_stepmgr in their configuration.

28/10/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://lists.schedmd.com/mailman3/hyperkitty/list/slurm-announce%40lists.schedmd.com/message/44MFMN7R35YZFWTNO43R2754W5B5XUAI/

https://lists.schedmd.com/pipermail/slurm-announce/2024/date.html

https://www.schedmd.com/security-policy/

Enviar en el boletín

Off