CVE-2023-49933

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 14, 2023
Updated: Jan 3, 2024
CWE ID 924

Summary

CVE-2023-49933 is a vulnerability found in SchedMD Slurm versions 22.05.x, 23.02.x, and 23.11.x. The issue involves improper enforcement of message integrity during transmission in a communication channel, enabling attackers to modify RPC traffic and bypass message hash checks. The affected products include tVhU_O, tVhU_P, tVhU_M, tVhU_N, t24p8t, tVhU_K, t24p8s, tVhU_L, tVhU_I, tVhU_J, tVhU_G, tVhU_H, tVhU_E, tVhU_F, tVhU_C, tVhU_D, tVhU_B, t4aRh5 ,tVhU_S ,t9y8ed ,t9y8ee ,tVhU_Q ,t9y8ef ,tVhU_R and t3ovIV. To remediate this vulnerability, organizations should update to the fixed versions 22.05.11, 23.02.7 or 23.11.1 of SchedMD Slurm. This vulnerability has a base severity rating of HIGH with an exploitability score of 3.9 out of 10 and poses a potential danger to organizations as it can be exploited remotely over a network and has a high integrity impact on the system.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-49933 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options