Untrusted search path in SchedMD Slurm



| Updated: 2020-08-08
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-15566
CWE-ID CWE-426
Exploitation vector Local
Public exploit N/A
Vulnerable software
 Slurm
Server applications / Remote management servers, RDP, SSH

Vendor SchedMD

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Untrusted search path

EUVDB-ID: #VU37992

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-15566

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Slurm: 17.11.0

CPE2.3 External links

https://www.securityfocus.com/bid/101675
https://www.debian.org/security/2017/dsa-4023
https://www.schedmd.com/news.php?id=193#OPT_193


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###