An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect against undesired MUNGE credential reuse. The fixed versions are 23.02.7 and 23.11.1.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-14T00:00:00
Updated: 2024-01-03T03:06:27.612392
Reserved: 2023-12-03T00:00:00
Link: CVE-2023-49935
JSON object: View
NVD Information
Status : Modified
Published: 2023-12-14T05:15:10.490
Modified: 2024-01-03T03:15:09.867
Link: CVE-2023-49935
JSON object: View
Redhat Information
No data.
CWE