Vulnerabilities > CVE-2023-49938 - Unspecified vulnerability in Schedmd Slurm

CVSS 8.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

LOW

Availability impact

NONE

network

low complexity

schedmd

NVD

Published: 2023-12-14

Updated: 2024-01-03

Summary

An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.02.7.

Vulnerable Configurations

Part	Description	Count
Application	Schedmd Schedmd Slurm 22.05.0 Schedmd Slurm 22.05.1 Schedmd Slurm 22.05.2 Schedmd Slurm 22.05.3 Schedmd Slurm 22.05.4 Schedmd Slurm 22.05.5 Schedmd Slurm 22.05.6 Schedmd Slurm 22.05.7 Schedmd Slurm 22.05.8 Schedmd Slurm 22.05.9 Schedmd Slurm 22.05.10 Schedmd Slurm 23.02.0 Schedmd Slurm 23.02.1 Schedmd Slurm 23.02.2 Schedmd Slurm 23.02.3 Schedmd Slurm 23.02.4 Schedmd Slurm 23.02.5 Schedmd Slurm 23.02.6	18

Summary

Vulnerable Configurations

References