CyberSec.Space Logo
CVEブラウザに戻る

CVE-2012-5390

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile42.19th
Published2014年6月6日
Last Modified2026年5月6日

Vulnerability Description

The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.

Affected Platforms (CPE)

📦
Condor Project

Condor

= 7.9.0
📦
Condor Project

Condor

= 7.8.0
📦
Condor Project

Condor

= 7.8.1
📦
Condor Project

Condor

= 7.8.2
📦
Condor Project

Condor

= 7.8.3
📦
Condor Project

Condor

= 7.8.4
📦
Condor Project

Condor

= 7.7.3
📦
Condor Project

Condor

= 7.7.4
📦
Condor Project

Condor

= 7.7.5
📦
Condor Project

Condor

= 7.7.6

References & Advisories

🔗 http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
🔗 http://secunia.com/advisories/51862
🔗 http://www.securityfocus.com/bid/57328
🔗 http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
🔗 http://secunia.com/advisories/51862
🔗 http://www.securityfocus.com/bid/57328

関連する脆弱性情報

CVE-2012-519610.0

Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.

CVE-2012-519710.0

Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors r...

CVE-2012-341610.0

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or...

CVE-2021-253119.9

condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonst...