Sensitive Data Exposure in Atos Eviden SMC xScale Product
CVE-2024-42018

Currently unrated

Key Information:

Vendor: Atos
Status: Eviden SMC xScale
Vendor: CVE Published:; 11 October 2024

What is CVE-2024-42018?

An issue in Atos Eviden SMC xScale allows for the exposure of sensitive credentials during the initialization of nodes, making them vulnerable to unauthorized access. This is due to improper configuration in the cloudinit settings, where iptables intended to restrict access is not applied appropriately after a system reboot. As a result, critical parameters that contain sensitive information can be accessed by unprivileged users, compromising the integrity and confidentiality of the HPC configuration.

References

https://eviden.com

https://support.bull.com/ols/product/security/psirt/secur...

Timeline

Vulnerability published
Oct 11, 2024
Vulnerability Reserved
Jul 27, 2024