漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in Altair Grid Engine (All versions < V2026.0.0). Affected products do not properly validate environment variables when loading shared libraries, allowing path hijacking through malicious library substitution. This could allow a local attacker to execute arbitrary code with superuser privileges by manipulating the environment variable and placing a malicious library in the controlled path.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Siemens Altair Grid Engine 代码问题漏洞
Vulnerability Description
Siemens Altair Grid Engine是美国Siemens公司的一个分布式资源管理系统。 Siemens Altair Grid Engine V2026.0.0之前版本存在代码问题漏洞,该漏洞源于加载共享库时未正确验证环境变量,可能导致通过恶意库替换进行路径劫持,从而以超级用户权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A