DEBIAN-CVE-2023-49933
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-49933
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-49933.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-49933
- Upstream
- Published
- 2023-12-14T05:15:08Z
- Modified
- 2025-09-25T23:28:54.944944Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
- References
Affected packages
Debian:11 / slurm-wlm
Package
- Name
- slurm-wlm
- Purl
- pkg:deb/debian/slurm-wlm?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20.*
20.11.7+really20.11.4-2
20.11.7+really20.11.4-2+deb11u1
20.11.8-1
21.*
21.08.5-1
21.08.5-1.1
21.08.5-2
21.08.6-1
21.08.7-1
21.08.8.2-1
21.08.8.2-1.1
22.*
22.05.7-1
22.05.7-2
22.05.8-1
22.05.8-2
22.05.8-3
22.05.8-4
23.*
23.02.3-1
23.02.3-2
23.02.5-1
23.02.6-1
23.02.6-1.1~exp1
23.11.3-1
23.11.3-2
23.11.3-2.1~exp1
23.11.3-2.1~exp2
23.11.4-1
23.11.4-1.1
23.11.4-1.2
23.11.4-1.3
23.11.4-1.4
23.11.4-2
23.11.6-1
23.11.7-1
24.*
24.05.1-1
24.05.1-2
24.05.2-1
24.05.4-1
24.11.0-1
24.11.0-1.1
24.11.0-2
24.11.1-1
24.11.3-1
24.11.3-2
24.11.5-1
24.11.5-2
24.11.5-3
24.11.5-4
Debian:12 / slurm-wlm
Package
- Name
- slurm-wlm
- Purl
- pkg:deb/debian/slurm-wlm?arch=source
Debian:13 / slurm-wlm
Package
- Name
- slurm-wlm
- Purl
- pkg:deb/debian/slurm-wlm?arch=source
Debian:14 / slurm-wlm
Package
- Name
- slurm-wlm
- Purl
- pkg:deb/debian/slurm-wlm?arch=source