Lucene search

[email protected]NVD:CVE-2012-3491

HistorySep 28, 2012 - 5:55 p.m.

CVE-2012-3491

2012-09-2817:55:01

CWE-264

[email protected]

web.nvd.nist.gov

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.7%

JSON

src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.

Affected configurations

NVD

Node

condor_projectcondorMatch7.6.0

condor_projectcondorMatch7.6.1

condor_projectcondorMatch7.6.2

condor_projectcondorMatch7.6.3

condor_projectcondorMatch7.6.4

condor_projectcondorMatch7.6.5

condor_projectcondorMatch7.6.6

condor_projectcondorMatch7.6.7

condor_projectcondorMatch7.6.8

condor_projectcondorMatch7.6.9

condor_projectcondorMatch7.8.0

condor_projectcondorMatch7.8.1

condor_projectcondorMatch7.8.2

condor_projectcondorMatch7.8.3

References

condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40

research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html

research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html

rhn.redhat.com/errata/RHSA-2012-1278.html

rhn.redhat.com/errata/RHSA-2012-1281.html

secunia.com/advisories/50666

www.openwall.com/lists/oss-security/2012/09/20/9

www.securityfocus.com/bid/55632

bugzilla.redhat.com/show_bug.cgi?id=848214

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.7%

JSON

Related for NVD:CVE-2012-3491

prion1 debiancve1 cvelist1 ubuntucve1 cve1 nessus2 veracode2 redhat2