Vulnerabilities

CVE-2024-48936

by Fred · 28/10/2024

SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users’ jobs. This is limited to jobs explicitly running with –stepmgr, or on systems that have globally enabled stepmgr via SlurmctldParameters=enable_stepmgr in their configuration.

More information : https://www.schedmd.com/security-policy/

Similar

Tags: Cybersecurity Alert