CVE-2019-12838

CRITICAL

SchedMD Slurm 17.11.x 18.08.0-18.08.7 19.05.0 - SQL Injection

Title source: llm
STIX 2.1

Description

SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.

References (13)

Core 13
Core References
Vendor Advisory x_refsource_misc
https://www.schedmd.com/news.php
Release Notes, Vendor Advisory x_refsource_misc
https://lists.schedmd.com/pipermail/slurm-announce/2019/
Release Notes, Vendor Advisory x_refsource_confirm
https://www.schedmd.com/news.php?id=218
Mailing List, Vendor Advisory x_refsource_confirm
https://lists.schedmd.com/pipermail/slurm-announce/2019/000025.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00005.html
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Nov/30
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2019/dsa-4572
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00051.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00038.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/03/msg00016.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2022/01/msg00011.html

Scores

CVSS v3 9.8
EPSS 0.0299
EPSS Percentile 86.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (9)
debian/debian_linux 8.0
debian/debian_linux 9.0
debian/debian_linux 10.0
fedoraproject/fedora 29
fedoraproject/fedora 30
opensuse/leap 15.0
opensuse/leap 15.1
schedmd/slurm 19.05.0
schedmd/slurm 17.11.0.0 - 17.11.13.2
Published Jul 11, 2019
Tracked Since Feb 18, 2026