CVE-2017-15566

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-15566
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15566.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-15566
Downstream
Related
Published
2017-11-01T17:29:00.307Z
Modified
2026-03-15T22:15:21.480927Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.

References

Affected packages

Git / github.com/schedmd/slurm

Affected ranges

Type
GIT
Repo
https://github.com/schedmd/slurm
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5e2dec13b45fd79afcfb851c834aacee9ca7f877
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "16.05.11"
        }
    ]
}

Affected versions

Other
slurm-13-12-0-0pre2
slurm-13-12-0-0pre3
slurm-13-12-0-0pre4
slurm-14-03-0-0pre5
slurm-14-03-0-0pre6
slurm-14-03-0-0rc1
slurm-14-03-0-1
slurm-14-03-1-1
slurm-14-03-1-2
slurm-14-03-10-1
slurm-14-03-11-1
slurm-14-03-2-1
slurm-14-03-3-1
slurm-14-03-3-2
slurm-14-03-4-1
slurm-14-03-4-2
slurm-14-03-5-1
slurm-14-03-6-1
slurm-14-03-7-1
slurm-14-03-8-1
slurm-14-03-9-1
slurm-14-11-0-0pre1
slurm-14-11-0-0pre2
slurm-14-11-0-0pre3
slurm-14-11-0-0pre4
slurm-14-11-0-0pre5
slurm-14-11-0-0rc1
slurm-14-11-0-0rc2
slurm-14-11-0-0rc3
slurm-14-11-0-1
slurm-14-11-1-1
slurm-14-11-10-1
slurm-14-11-11-1
slurm-14-11-2-1
slurm-14-11-3-1
slurm-14-11-4-1
slurm-14-11-5-1
slurm-14-11-6-1
slurm-14-11-7-1
slurm-14-11-8-1
slurm-14-11-9-1
slurm-15-08-0-0pre1
slurm-15-08-0-0pre2
slurm-15-08-0-0pre3
slurm-15-08-0-0pre4
slurm-15-08-0-0pre5
slurm-15-08-0-0pre6
slurm-15-08-0-0rc1
slurm-15-08-0-1
slurm-15-08-1-1
slurm-15-08-10-1
slurm-15-08-11-1
slurm-15-08-12-1
slurm-15-08-13-1
slurm-15-08-2-1
slurm-15-08-3-1
slurm-15-08-4-1
slurm-15-08-5-1
slurm-15-08-6-1
slurm-15-08-7-1
slurm-15-08-8-1
slurm-15-08-9-1
slurm-16-05-0-0pre1
slurm-16-05-0-0pre2
slurm-16-05-0-0rc1
slurm-16-05-0-0rc2
slurm-16-05-0-1
slurm-16-05-1-1
slurm-16-05-10-1
slurm-16-05-10-2
slurm-16-05-2-1
slurm-16-05-3-1
slurm-16-05-4-1
slurm-16-05-5-1
slurm-16-05-6-1
slurm-16-05-7-1
slurm-16-05-8-1
slurm-16-05-9-1
slurm-2-2-6-1
slurm-2-2-7-1
slurm-2-3-0-0-pre5
slurm-2-3-0-0-pre6
slurm-2-3-0-0-rc1
slurm-2-3-0-0-rc2
slurm-2-3-0-1
slurm-2-3-0-2
slurm-2-3-1-1
slurm-2-3-2-1
slurm-2-3-3-1
slurm-2-3-4-1
slurm-2-3-5-1
slurm-2-4-0-0-pre1
slurm-2-4-0-0-pre2
slurm-2-4-0-0-pre3
slurm-2-4-0-0-pre4
slurm-2-4-0-0-rc1
slurm-2-4-0-1
slurm-2-4-1-1
slurm-2-4-2-1
slurm-2-4-3-0
slurm-2-4-4-1
slurm-2-4-5-1
slurm-2-5-0-0-pre1
slurm-2-5-0-0-pre2
slurm-2-5-0-0-pre3
slurm-2-5-0-0-rc1
slurm-2-5-0-0-rc2
slurm-2-5-0-1
slurm-2-5-1-1
slurm-2-5-2-1
slurm-2-5-3-1
slurm-2-5-4-1
slurm-2-5-5-1
slurm-2-5-6-1
slurm-2-5-7-1
slurm-2-6-0-0-pre2
slurm-2-6-0-0pre1
slurm-2-6-0-0pre2
slurm-2-6-0-0pre3
slurm-2-6-0-0pre4
slurm-2-6-0-0rc1
slurm-2-6-0-0rc2
slurm-2-6-0-1
slurm-2-6-1-1
slurm-2-6-2-1
slurm-2-6-3-1
slurm-2-6-4-1
slurm-2-6-5-1
slurm-2-6-6-1
slurm-2-6-6-2
slurm-2-6-7-1
slurm-2-6-8-1
slurm-2-6-9-1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15566.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "17.02.0"
            },
            {
                "fixed": "17.2.09"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "17.11.0-rc1"
            }
        ]
    }
]