CyberSec.Space Logo
Back to CVE Browser

CVE-2012-5390

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile42.19th
PublishedJun 6, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.

Affected Platforms (CPE)

πŸ“¦
Condor Project

Condor

= 7.9.0
πŸ“¦
Condor Project

Condor

= 7.8.0
πŸ“¦
Condor Project

Condor

= 7.8.1
πŸ“¦
Condor Project

Condor

= 7.8.2
πŸ“¦
Condor Project

Condor

= 7.8.3
πŸ“¦
Condor Project

Condor

= 7.8.4
πŸ“¦
Condor Project

Condor

= 7.7.3
πŸ“¦
Condor Project

Condor

= 7.7.4
πŸ“¦
Condor Project

Condor

= 7.7.5
πŸ“¦
Condor Project

Condor

= 7.7.6

References & Advisories

πŸ”— http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
πŸ”— http://secunia.com/advisories/51862
πŸ”— http://www.securityfocus.com/bid/57328
πŸ”— http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
πŸ”— http://secunia.com/advisories/51862
πŸ”— http://www.securityfocus.com/bid/57328

Related Vulnerabilities

CVE-2012-519610.0

Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.

CVE-2012-519710.0

Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors r...

CVE-2012-341610.0

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or...

CVE-2021-253119.9

condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonst...