CVE-2021-43337

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SchedMD Slurm versions 21.08.* through 21.08.3

Description The issue concerns incorrect access control in SchedMD Slurm. Specifically, on sites using the new AccountingStoreFlags options for job scripts and/or job environment, the access control rules in SlurmDBD may allow users to access job scripts and environment files that they should not have access to.

Recommendations For SchedMD Slurm versions 21.08.* through 21.08.3, update to version 21.08.4 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-43337

OPENSUSE-SU-2024:11645-1

SUSE-RU-2022:4297-1

SUSE-RU-2022:4348-1

SUSE-RU-2022:4361-1

SUSE-RU-2022:4362-1

Affected Products

Schedmd Slurm

CVE-2021-43337

Related Identifiers

Affected Products

References · 25