Wisc HTCondor 7.6.1

CPE Details

Wisc HTCondor 7.6.1
wisc
htcondor
7.6.1
2020-01-27
11h51 +00:00
2020-01-27
11h51 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:wisc:htcondor:7.6.1:*:*:*:*:*:*:*

Informations

Vendor

wisc

Product

htcondor

Version

7.6.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-45101 2021-12-16 03h46 +00:00 An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access to an HTCondor SchedD or Collector daemon can discover secrets that could allow them to control other users' jobs and/or read their data.
8.1
High
CVE-2014-8126 2020-01-31 20h39 +00:00 The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code.
8.8
High
CVE-2012-3490 2020-01-09 19h23 +00:00 The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.
8.8
High
CVE-2017-16816 2018-07-05 18h00 +00:00 The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions.
6.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.