Vulnerability in Condor_project Condor

CVE-2012-5390

The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.

EPSS: 0.019 (83.5th percentile) — read the EPSS interpretation.

Affected products

Condor_project Condor — versions 7.9.0, 7.8.0, 7.8.1
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
57328 (vdb-entry, x_refsource_BID)
51862 (x_refsource_SECUNIA, third-party-advisory)