Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution as an arbitrary user.
https://www.hpcsec.com/2019/10/08/cve-2019-15719/
http://packetstormsecurity.com/files/154782/PBS-Professional-19.2.3-Authentication-Bypass.html