VYPR
Unrated severityNVD Advisory· Published Apr 6, 2022· Updated Aug 3, 2024

CVE-2022-26110

CVE-2022-26110

Description

An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon.

Affected products

2
  • Condor Project/Htcondorcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 8.8.x < 8.8.16, 9.0.x < 9.0.10, 9.1.x < 9.6.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.