IBM Spectrum LSF versions 10.1 and 10.2 suffer from hardcoded eauth key and eauth key exposure vulnerabilities.
7b805922df0af9a8af46eb5021d5ad516d5d2b44e2d6fc8f4bd24f60749d3a03
BeeGFS versions 7.1.3 and below suffer from a privilege escalation vulnerability.
d30029c1850a3b316562ecfdf0823e70e5d8b72548aae0f53565d9c31f6d8df9
PBS Professional versions 19.2.3 and below suffer from an authentication bypass vulnerability.
4e778bfddd48fd678b80e1ee642c5e78739451b4e2a52e2e2396245a985f8e41
A vulnerability was identified within IBM Spectrum LSF which made it was possible to impersonate other users when submitting jobs for execution. Additionally, it was found to be possible to impersonate and execute jobs as root, even where root job submission is disabled. Versions affected include 8.3, 9.1.1, 9.1.2, 9.1.3, 10.1, and 10.1.0.1.
2efba7f49de16c0ab91885eec21b6040948eb64801f0eac0a8e9a23a88545d52
DDN controllers ship with a set of static entries within the authorized_keys file of several of the user accounts. The corresponding private keys can be obtained from publicly available sources.
470b91b64442d28eebb33a4f527381613c2b67ad4b238cb3ab10d5b46ca3f8e7
DDN SFA suffers from a privilege escalation vulnerability.
8685f5cd2b43437141d6700fcd38911bb8804b7c0342311a9bbe76773a26134b
IBM GPFS version 4.1.0.0 through 4.1.0.8 and 3.5.0.0 through 3.5.0.30 along with Spectrum Scale versions 4.2.0.0 through 4.2.0.2 and 4.1.1.0 through 4.1.1.6 suffer from a command injection vulnerability.
d5a184120f34553d5a3f070fe73506ebbb75681cf01c038a98e3fde9002113f4
It is possible for users of ICE-X supercomputers to gain access to backups of system configuration databases.
a3391d3f24f884f8882a5a413fe59541e6c85c96d2bdb3446ccde65cf7207df8
SGI Tempo systems expose a database password in the world readable /etc/odapw file.
33068bfa9903902198ab1a1def7493a5b1147e1e5e632e0bac53597bf97cf900
/opt/sgi/sgimc/bin/vx, a setuid binary on SGI Tempo systems, allows for privilege escalation.
c32b2f12effe553e70e04d4889e25819691bd3ba3e5cc606cab0fa53442de067
Moab suffers from an insecure message signing authentication bypass vulnerability. All versions up to 8 can be affected depending on the configuration.
85a019a8c4de29f5f84586a14f07c354e859db1b6a19ccec9cbb5d70e45cbcea
Moab versions prior to 7.2.9 and 8 suffer from a user impersonation vulnerability.
06269ab2431aa1292e9d181643ace50442b15f7c22b2ca8e0be470c5e444f592
Moab versions prior to 7.2.9 and 8 suffer from a dynamic reconfiguration authentication bypass issue that allows for remote code execution.
1d947c3d312bda1ccebc5c7622d54bcdfee0aa44575fcd3b9fa4410d0c6e6878
Torque versions 2.5.13 and below suffer from a buffer overflow vulnerability.
d70ac68760be26990412a9557c8ba8998fd61ae6ed3c065bbd16318b9e99b85a
Apinit and aprun are utilities used to schedule tasks on Cray supercomputers. Apinit runs as a service on compute nodes and aprun is used to communicate with these nodes. The apinit service does not safely validate messages supplied to it through the use of aprun. Users of Cray systems are able to exploit this weakness in order to execute commands on the compute nodes of a Cray supercomputer as arbitrary users, including root (UID 0).
35dc2988dfa5b20f94f03cac3407ffef1d10ffa10d1fe9bd41390ba183fc8f33