CVE-2021-45101
published 2021-12-16CVE-2021-45101: An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access…
high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access to an HTCondor SchedD or Collector daemon can discover secrets that could allow them to control other users' jobs and/or read their data.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| condor_project | condor | >= 0 < 23.2.0+dfsg-1 | 23.2.0+dfsg-1 |
| condor_project | condor | >= 0 < 23.2.0+dfsg-1 | 23.2.0+dfsg-1 |
| debian | condor | < condor 23.2.0+dfsg-1 (forky) | condor 23.2.0+dfsg-1 (forky) |
| wisc | htcondor | <= 8.8.13 | — |
| wisc | htcondor | — | — |
| wisc | htcondor | 9.0.0 – 9.0.2 | — |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
osv8.1HIGH