Lucene search

[email protected]CVE-2012-3416

HistoryAug 25, 2012 - 10:29 a.m.

CVE-2012-3416

2012-08-2510:29:50

CWE-287

[email protected]

web.nvd.nist.gov

condor

cve-2012-3416

authentication bypass

remote attackers

nvd

host-based authentication

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.1%

JSON

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.

Affected configurations

NVD

Node

condor_projectcondorRange≤7.8.1

condor_projectcondorMatch6.5.4

condor_projectcondorMatch6.8.0

condor_projectcondorMatch6.8.1

condor_projectcondorMatch6.8.2

condor_projectcondorMatch6.8.3

condor_projectcondorMatch6.8.4

condor_projectcondorMatch6.8.5

condor_projectcondorMatch6.8.6

condor_projectcondorMatch6.8.7

condor_projectcondorMatch6.8.8

condor_projectcondorMatch6.8.9

condor_projectcondorMatch7.00

condor_projectcondorMatch7.0.0

condor_projectcondorMatch7.0.1

condor_projectcondorMatch7.0.2

condor_projectcondorMatch7.0.3

condor_projectcondorMatch7.0.4

condor_projectcondorMatch7.0.5

condor_projectcondorMatch7.0.6

condor_projectcondorMatch7.01

condor_projectcondorMatch7.1.0

condor_projectcondorMatch7.1.1

condor_projectcondorMatch7.1.2

condor_projectcondorMatch7.1.3

condor_projectcondorMatch7.1.4

condor_projectcondorMatch7.02

condor_projectcondorMatch7.2.0

condor_projectcondorMatch7.2.1

condor_projectcondorMatch7.2.2

condor_projectcondorMatch7.2.3

condor_projectcondorMatch7.2.4

condor_projectcondorMatch7.03

condor_projectcondorMatch7.3.0

condor_projectcondorMatch7.3.1

condor_projectcondorMatch7.3.2

condor_projectcondorMatch7.4.0

condor_projectcondorMatch7.4.1

condor_projectcondorMatch7.8.0

CPENameOperatorVersion
condor_project:condorcondor project condorle7.8.1
condor_project:condorcondor project condoreq6.5.4
condor_project:condorcondor project condoreq6.8.0
condor_project:condorcondor project condoreq6.8.1
condor_project:condorcondor project condoreq6.8.2
condor_project:condorcondor project condoreq6.8.3
condor_project:condorcondor project condoreq6.8.4
condor_project:condorcondor project condoreq6.8.5
condor_project:condorcondor project condoreq6.8.6
condor_project:condorcondor project condoreq6.8.7

CPE	Name	Operator	Version
condor_project:condor	condor project condor	le	7.8.1
condor_project:condor	condor project condor	eq	6.5.4
condor_project:condor	condor project condor	eq	6.8.0
condor_project:condor	condor project condor	eq	6.8.1
condor_project:condor	condor project condor	eq	6.8.2
condor_project:condor	condor project condor	eq	6.8.3
condor_project:condor	condor project condor	eq	6.8.4
condor_project:condor	condor project condor	eq	6.8.5
condor_project:condor	condor project condor	eq	6.8.6
condor_project:condor	condor project condor	eq	6.8.7