HIGH🇬🇧 English

CVE-2023-49933

CVSS 7.5v3.1pub. 2023-12-14upd. 2025-11-04

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Schedmd Slurm

    APP
    Schedmd
    23.1122.05 – 22.05.12 (bez)23.02 – 23.02.7 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-49937CRITICAL9.8PL ✓ten sam produkt

Double free w SchedMD Slurm umożliwia RCE lub DoS

CVE-2023-49934CRITICAL9.8PL ✓ten sam produkt

SQL Injection w SchedMD Slurm 23.11.x przeciwko bazie SlurmDBD

CVE-2022-29502CRITICAL9.8ten sam produkt

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges.

CVE-2020-27745CRITICAL9.8ten sam produkt

Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.

CVE-2019-12838CRITICAL9.8ten sam produkt

SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.

CVE-2023-49933 — HIGH 7.5 | CVEbaza.pl