CVE-2018-7033SQL Injection in Slurm

CWE-89SQL Injection10 documents6 sources
Severity
9.8CRITICALNVD
OSV8.1
EPSS
0.4%
top 40.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Schedmd SlurmDebian Linux
Timeline
PublishedMar 15
Latest updateFeb 1

Description

SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDschedmd/slurm17.11.0.017.11.5.0+2

Also affects: Debian Linux 7.0, 8.0, 9.0

Patches

Patch: lists.schedmd.comPatch: lists.schedmd.com

🔴Vulnerability Details

5
OSV
slurm-llnl vulnerabilities2023-02-01
OSV
slurm-llnl vulnerabilities2022-05-25
GHSA
GHSA-qhw8-g654-xfjq: SchedMD Slurm before 172022-05-14
CVEList
CVE-2018-7033: SchedMD Slurm before 172018-03-15
OSV
CVE-2018-7033: SchedMD Slurm before 172018-03-15

📋Vendor Advisories

2
Ubuntu
Slurm vulnerabilities2023-02-01
Ubuntu
Slurm vulnerabilities2022-05-25

💬Community

2
Bugzilla
CVE-2018-7033 slurm: SQL Injection attacks against SlurmDBD2018-03-16
Bugzilla
CVE-2018-7033 slurm: SQL Injection attacks against SlurmDBD [fedora-27]2018-03-16
CVE-2018-7033 — SQL Injection in Schedmd Slurm | cvebase