vulnerability

Debian: CVE-2020-12693: slurm-llnl, slurm-wlm -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:H/Au:N/C:P/I:P/A:P)	May 21, 2020	Jan 29, 2021	Nov 4, 2022

Severity

CVSS

(AV:N/AC:H/Au:N/C:P/I:P/A:P)

Published

May 21, 2020

Added

Jan 29, 2021

Modified

Nov 4, 2022

Description

Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.

Solutions

debian-upgrade-slurm-llnldebian-upgrade-slurm-wlm

References

CVE-2020-12693
https://attackerkb.com/topics/CVE-2020-12693
DEBIAN-DSA-4841
DEBIAN-DSA-4841-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today