CVE-2023-49937

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 14, 2023
Updated: Jan 3, 2024
CWE ID 415

Summary

CVE-2023-49937 is a vulnerability discovered in SchedMD Slurm versions 22.05.x, 23.02.x, and 23.11.x. This vulnerability allows attackers to cause a denial of service or potentially execute arbitrary code due to a double free issue. The affected products include tVhU_O, tVhU_P, tVhU_M, tVhU_N, t24p8t, tVhU_K, t24p8s, tVhU_L, tVhU_I, tVhU_J, tVhU_G, tVhU_H, tVhU_E, tVhU_F, tVhU_C, tVhU_D, tVhU_B, t4aRh5, tVhU_S, t9y8ed, tVhU_Q,t9y8ee,t9y8ef,tVhuR and t3ovIV. To remediate this vulnerability and mitigate the risk it poses to an organization's network security and data integrity/high availability (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S: U/C:H/I:H/A:H), it is recommended to update to the fixed versions 22.05.11., 23.02.7., or 23.11.1 provided by SchedMD Slurm. Note: The text provided does not contain information about potential danger to an organization besides mentioning denial of service and arbitrary code execution as the possible consequences of the vulnerability.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-49937 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options