Published: 13/05/2021 Updated: 07/11/2023

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

SchedMD Slurm prior to 20.02.7 and 20.03.x up to and including 20.11.x prior to 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling.

Vulnerable Product	Search on Vulmon	Subscribe to Product
schedmd slurm
fedoraproject fedora 33
fedoraproject fedora 34
debian debian linux 9.0

Debian Bug report logs - #988439 slurm-wlm: CVE-2021-31215 Package: src:slurm-wlm; Maintainer for src:slurm-wlm is Debian HPC Team <debian-hpc@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 13 May 2021 07:21:02 UTC Severity: grave Tags: security, upstream Found in version slurm-w ...

NVD-CWE-noinfo https://lists.schedmd.com/pipermail/slurm-announce/2021/000055.html https://www.schedmd.com/news.php?id=248#OPT_248 https://lists.debian.org/debian-lts-announce/2022/01/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ODMJQNY4FAV7G3DSKVIO5KY7Q7DKBPU/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRHTASFAU5FNB2MJOG67YID2ONQS5MCQ/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988439 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-31215

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect