11 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-49935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can...
GLSA-202409-16 : Slurm: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-16 Slurm: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Slurm. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from...
openSUSE: Security Advisory for slurm_23_02 (SUSE-SU-2024:0280-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:0284-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: libnss_slurm2 / libpmi0 / libslurm39 / perl-slurm / slurm / etc (SUSE-SU-2024:0284-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0284-1 advisory. Update to slurm 23.02.6: Security fixes: - CVE-2023-49933: Prevent message extension attacks that could bypass the message hash...
Fedora: Security Advisory (FEDORA-2023-9a74d212f8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-49935
creationtimestamp| type| source ---|---|--- 2024-01-10 15:11:48+00:00| seen| https://t.me/ctinow/165846...
CVE-2023-49935
An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...
CVE-2023-49935
An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...
CVE-2023-49935
An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...
CVE-2023-49935
CVE-2023-49935 affects SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. The root cause is a slurmd Message Integrity Bypass that lets an attacker reuse root-level MUNGE tokens during interaction with slurmd, bypassing RPC message hashes protecting against credential reuse. Fixed versions are 23.02.7 ...