Lucene search

[email protected]NVD:CVE-2023-49934

HistoryDec 14, 2023 - 5:15 a.m.

CVE-2023-49934

2023-12-1405:15:10

CWE-89

[email protected]

web.nvd.nist.gov

schedmd slurm

sql injection

23.11.1

cve-2023-49934

slurmdbd database

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

26.9%

JSON

An issue was discovered in SchedMD Slurm 23.11.x. There is SQL Injection against the SlurmDBD database. The fixed version is 23.11.1.

Affected configurations

Nvd

Node

schedmdslurmMatch23.11-

schedmdslurmMatch23.11rc1

VendorProductVersionCPE
schedmdslurm23.11cpe:2.3:a:schedmd:slurm:23.11:-:*:*:*:*:*:*
schedmdslurm23.11cpe:2.3:a:schedmd:slurm:23.11:rc1:*:*:*:*:*:*

Vendor	Product	Version	CPE
schedmd	slurm	23.11	cpe:2.3:a:schedmd:slurm:23.11:-::::::
schedmd	slurm	23.11	cpe:2.3:a:schedmd:slurm:23.11:rc1::::::

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO/

lists.schedmd.com/pipermail/slurm-announce/2023/000103.html

www.schedmd.com/security-archive.php

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

26.9%

JSON

Related for NVD:CVE-2023-49934

veracode1 debiancve1 cvelist1 cve1 prion1 ubuntucve1 fedora2 nessus4 freebsd1 openvas2 gentoo1