4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
0.4%
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and
possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly
other products, allow local users to cause a denial of service
(condor_schedd daemon and failure to launch jobs) and possibly execute
arbitrary code via format string specifiers in (1) the reason for a hold
for a job that uses an XML user log, (2) the filename of a file to be
transferred, and possibly other unspecified vectors.