Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-7033

SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.

Published

2018-03-15T22:29:00.527

Last Modified

2024-11-21T04:11:32.767

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-89
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application schedmd slurm < 17.02.10.0 Yes
Application schedmd slurm < 17.11.5.0 Yes
Application schedmd slurm 17.11.0.0 Yes
Application schedmd slurm 17.11.0.0 Yes
Application schedmd slurm 17.11.0.0 Yes
Application schedmd slurm 17.11.0.0 Yes
Application schedmd slurm 17.11.0.0 Yes
Operating System debian debian_linux 7.0 Yes
Operating System debian debian_linux 8.0 Yes
Operating System debian debian_linux 9.0 Yes
References