CVE-2012-4462Improper Input Validation in Project Condor

CWE-20Improper Input Validation7 documents6 sources
Severity
4.3MEDIUMNVD
EPSS
0.7%
top 28.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Condor Project CondorRedhat Enterprise MRG
Timeline
PublishedMar 14
Latest updateMay 13

Description

aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-g8fv-4vr4-3m6h: aviary/jobcontrol2022-05-13
CVEList
CVE-2012-4462: aviary/jobcontrol2013-03-12

📋Vendor Advisories

2
Red Hat
condor: DoS when removing jobs via jobcontrol.py when job id is in square brackets2012-09-28
Debian
CVE-2012-4462: condor - aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when remo...2012

💬Community

2
Bugzilla
CVE-2012-4462 condor: DoS when removing jobs via jobcontrol.py when job id is in square brackets [fedora-all]2012-10-01
Bugzilla
CVE-2012-4462 condor: DoS when removing jobs via jobcontrol.py when job id is in square brackets2012-09-26
CVE-2012-4462 — Improper Input Validation | cvebase