CVE-2014-0748CVE-2014-0748

Affected configuration(s):

cpe:/o:cray:cray_linux_environment:4.2
cpe:/o:cray:cray_linux_environment:5.1

Date published: 2014-12-26T21:59:00.053-05:00

Date last modified: 2014-12-30T06:22:17.847-05:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: https://labs.mwrinfosecurity.com/advisories/2014/01/31/cray-aprunapinit-privilege-escalation/

Summary: apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *