CVE-2020-27746

MEDIUM

Description

Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.

References

https://www.debian.org/security/2021/dsa-4841

https://www.schedmd.com/news.php

Details

Source: MITRE

Published: 2020-11-27

Updated: 2021-01-28

Type: CWE-922

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 3.7

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 2.2

Severity: LOW

Tenable Plugins

View all (14 total)

IDNameProductFamilySeverity
147801SUSE SLES12 Security Update : slurm_20_11 / pdsh (SUSE-SU-2021:0773-1)NessusSuSE Local Security Checks
high
145523Debian DSA-4841-1 : slurm-llnl - security updateNessusDebian Local Security Checks
medium
145346openSUSE Security Update : slurm_18_08 (openSUSE-2021-96)NessusSuSE Local Security Checks
medium
145334openSUSE Security Update : slurm_18_08 (openSUSE-2020-2286)NessusSuSE Local Security Checks
medium
145156SUSE SLES15 Security Update : slurm_20_02 (SUSE-SU-2021:0139-1)NessusSuSE Local Security Checks
medium
144535SUSE SLES12 Security Update : slurm_20_02 (SUSE-SU-2020:3892-1)NessusSuSE Local Security Checks
medium
144499SUSE SLES15 Security Update : slurm_17_11 (SUSE-SU-2020:3878-1)NessusSuSE Local Security Checks
medium
144438SUSE SLES12 Security Update : slurm_18_08 (SUSE-SU-2020:3863-1)NessusSuSE Local Security Checks
medium
143834SUSE SLES15 Security Update : slurm (SUSE-SU-2020:3505-1)NessusSuSE Local Security Checks
medium
143740SUSE SLES15 Security Update : slurm (SUSE-SU-2020:3506-1)NessusSuSE Local Security Checks
medium
143348openSUSE Security Update : slurm (openSUSE-2020-2033)NessusSuSE Local Security Checks
medium
143309Fedora 32 : slurm (2020-98a5098030)NessusFedora Local Security Checks
medium
143302openSUSE Security Update : slurm (openSUSE-2020-2056)NessusSuSE Local Security Checks
medium
143294Fedora 33 : slurm (2020-49b97c38e7)NessusFedora Local Security Checks
medium