Unrated severityNVD Advisory· Published Apr 6, 2022· Updated Aug 3, 2024
CVE-2022-26110
CVE-2022-26110
Description
An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 8.8.x < 8.8.16, 9.0.x < 9.0.10, 9.1.x < 9.6.0
Patches
Vulnerability mechanics
References
3- www.debian.org/security/2022/dsa-5144mitrevendor-advisoryx_refsource_DEBIAN
- lists.debian.org/debian-lts-announce/2022/04/msg00016.htmlmitremailing-listx_refsource_MLIST
- research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2022-0003/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.