Security Advisory

CVE-2023-49935

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-14 00:00:00

Last updated 2025-11-04 18:20:08

Assigner mitre

State PUBLISHED

Description

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect against undesired MUNGE credential reuse. The fixed versions are 23.02.7 and 23.11.1.

← Browse all CVEs View on cve.org ↗