Insecure SPANK Environment Variable Handling Vulnerability in SchedMD Slurm

Insecure SPANK Environment Variable Handling Vulnerability in SchedMD Slurm

CVE-2017-15566 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.

Learn more about our Web Application Penetration Testing UK.