Vulnerability Description
The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Condor Project | Condor | 7.9.0 |
Related Weaknesses (CWE)
References
- http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.hVendor Advisory
- http://secunia.com/advisories/51862
- http://www.securityfocus.com/bid/57328
- http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.hVendor Advisory
- http://secunia.com/advisories/51862
- http://www.securityfocus.com/bid/57328
FAQ
What is CVE-2012-5390?
CVE-2012-5390 is a vulnerability with a CVSS score of 10.0 (HIGH). The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privile...
How severe is CVE-2012-5390?
CVE-2012-5390 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-5390?
Check the references section above for vendor advisories and patch information. Affected products include: Condor Project Condor.