Pbs Professional · Torque Resource Manager · CVE-2013-4495
**Name of the Vulnerable Software and Affected Versions**
TORQUE Resource Manager versions prior to 4.2.6
**Description**
The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the email (-M switch) to qsub, due to a problem in the send the mail function in server/svr mail.c.
**Recommendations**
For versions prior to 4.2.6, update to version 4.2.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of the -M switch in qsub to minimize the risk of exploitation.