CVE-2012-5390Project Condor vulnerability

CWE-2647 documents7 sources
Severity
10.0CRITICALNVD
EPSS
1.9%
top 16.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Condor Project Condor
Timeline
PublishedJun 6
Latest updateMay 17

Description

The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

Ubuntucondor_project/condor< 8.0.5~dfsg.1-1ubuntu1
NVDcondor_project/condor10 versions+9

🔴Vulnerability Details

3
GHSA
GHSA-wmv8-6jgv-xfr2: The standard universe shadow (condor_shadow2022-05-17
CVEList
CVE-2012-5390: The standard universe shadow (condor_shadow2014-06-06
OSV
CVE-2012-5390: The standard universe shadow (condor_shadow2014-06-06

📋Vendor Advisories

2
Red Hat
condor: privilege escalation via jobs submitted to the standard universe (CONDOR-2012-0003)2012-10-22
Debian
CVE-2012-5390: condor - The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 throu...2012

💬Community

1
Bugzilla
CVE-2012-5390 condor: privilege escalation via jobs submitted to the standard universe (CONDOR-2012-0003)2013-01-11
CVE-2012-5390 — Condor Project Condor vulnerability | cvebase