Lucene search
+L

164 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/02 12:0 a.m.38 views

Fedora 39 : slurm (2023-9a74d212f8)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9a74d212f8 advisory. - Update to 22.05.11 - Closes CVE-2023-49933 through CVE-2023-49938 Tenable has extracted the preceding description block directly from the Fedora...

9.8CVSS7.7AI score0.01386EPSS
Exploits0References7
Veracode
Veracode
added 2023/12/20 5:34 a.m.17 views

Authentication Bypass

libslurm.so is vulnerable to Authentication Bypass. The vulnerability is due to a message integrity bypass in slurmprotocolapi.c. An attacker can reuse root-level authentication tokens which allows an attacker to perform unauthorized actions...

8.8CVSS7AI score0.0104EPSS
Exploits0References6Affected Software2
SUSE CVE
SUSE CVE
added 2023/12/15 2:5 a.m.4 views

SUSE CVE-2023-49933

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11,...

5.9CVSS6.9AI score0.00379EPSS
Exploits0References19
NVD
NVD
added 2023/12/14 5:15 a.m.43 views

CVE-2023-49935

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...

8.8CVSS0.0104EPSS
Exploits0References6
OSV
OSV
added 2023/12/14 5:15 a.m.3 views

DEBIAN-CVE-2023-49935

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...

8.8CVSS8AI score0.0104EPSS
Exploits0References1
OSV
OSV
added 2023/12/14 5:15 a.m.1 views

DEBIAN-CVE-2023-49933

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11,...

7.5CVSS7.3AI score0.00379EPSS
Exploits0References1
Prion
Prion
added 2023/12/14 5:15 a.m.22 views

Design/Logic Flaw

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11,...

5CVSS6.8AI score0.00379EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/12/14 5:15 a.m.9 views

UBUNTU-CVE-2023-49933

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11,...

7.5CVSS5.8AI score0.00379EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/12/14 12:0 a.m.4 views

SchedMD Slurm Security Vulnerability

SchedMD Slurm is an open source and highly scalable cluster management and job scheduling system for large and small Linux clusters from SchedMD, Inc. A security vulnerability exists in SchedMD Slurm that stems from improper message integrity enforcement during transmission in a communication...

7.5CVSS6.8AI score0.00379EPSS
Exploits0References5
CVE
CVE
added 2023/12/14 12:0 a.m.95 views

CVE-2023-49933

CVE-2023-49933 affects SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. The vulnerability is described as Improper Enforcement of Message Integrity During Transmission in a communication channel, allowing an attacker to modify RPC traffic in a way that bypasses message hash checks. Affected versions ...

7.5CVSS8.2AI score0.00379EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/12/14 12:0 a.m.48 views

CVE-2023-49933

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11,...

7.5CVSS7.1AI score0.00379EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/12/14 12:0 a.m.39 views

CVE-2023-49935

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect agains...

8.8CVSS7.2AI score0.0104EPSS
Exploits0References3
OSV
OSV
added 2023/12/14 12:0 a.m.38 views

CVE-2023-49933

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11,...

7.5CVSS6.6AI score0.00379EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.6 views

PT-2023-8199 · Schedmd +2 · Slurm +2

Name of the Vulnerable Software and Affected Versions: SchedMD Slurm versions 22.05.x through 22.05.10 SchedMD Slurm versions 23.02.x through 23.02.6 SchedMD Slurm versions 23.11.x through 23.11.0 Description: The issue is related to the improper enforcement of message integrity during transmissi...

9.8CVSS7.2AI score0.01386EPSS
Exploits0References118
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.6 views

PT-2023-8198 · Schedmd +1 · Slurm +1

Name of the Vulnerable Software and Affected Versions: SchedMD Slurm versions 23.02.x through 23.02.6 SchedMD Slurm versions 23.11.x through 23.11.0 Description: The issue is related to incorrect access control due to a slurmd Message Integrity Bypass, allowing an attacker to reuse root-level...

9.8CVSS7.8AI score0.01386EPSS
Exploits0References60
RedhatCVE
RedhatCVE
added 2023/11/17 6:51 p.m.26 views

CVE-2023-46445

A flaw was found in python-asyncssh before 2.14.1 versions, where the rogue extension negotiation process is unauthenticated and allows injecting an info message. This flaw allows an attacker to replace the original message, downgrading the algorithm used for client authentication, which affects...

5.9CVSS5.4AI score0.00586EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/09/12 11:7 a.m.3 views

kernel: virt/coco/sev-guest: Double-buffer messages

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...

5.7AI score0.00108EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2023/08/14 12:0 a.m.22 views

CODESYS Development System Improper Enforcement of Message Integrity Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CODESYS Development System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the LearnMoreAction function. The issue results from a missing...

7.1CVSS7.3AI score0.01034EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/05/25 9:15 a.m.4 views

CVE-2023-2885

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle AiTM. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...

8.1CVSS7.2AI score0.00297EPSS
Exploits0References3
NVD
NVD
added 2023/05/25 9:15 a.m.11 views

CVE-2023-2885

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle AiTM. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7...

8.1CVSS8.2AI score0.00297EPSS
Exploits0References2
Rows per page
Query Builder