Incorrect Access Control in SchedMD Slurm 21.08.* before 21.08.4

Incorrect Access Control in SchedMD Slurm 21.08.* before 21.08.4

CVE-2021-43337 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access.

Learn more about our On Site Uk Pen Test.