Incorrect Permission Assignment for Critical Resource

CVE-2019-19727

Medium

5.5/10

SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions.

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.