FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

slurm-wlm -- SQL Injection attacks against SlurmDBD

Affected packages
slurm-wlm < 17.02.10


VuXML ID b3e04661-2a0a-11e8-9e63-3085a9a47796
Discovery 2018-03-15
Entry 2018-03-17

SchedMD reports:

Several issues were discovered with incomplete sanitization of user-provided text strings, which could potentially lead to SQL injection attacks against SlurmDBD itself. Such exploits could lead to a loss of accounting data, or escalation of user privileges on the cluster.


CVE Name CVE-2018-7033