CVE-2025-30093 — Incorrect Authorization in Htcondor

CWE-863 — Incorrect Authorization5 documents5 sources

Severity

8.1HIGHNVD

EPSS

0.2%

top 57.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Condor Project Condor Wisc Htcondor

Timeline

PublishedMar 27

Description

HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before 24.6.1 allows authenticated attackers to bypass authorization restrictions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages2 packages

▶NVDwisc/htcondor23.0.0 — 23.0.22+2

▶Debiancondor_project/condor< 23.9.6+dfsg-2+1

🔴Vulnerability Details

OSV

CVE-2025-30093: HTCondor 23↗2025-03-27

▶

CVEList

CVE-2025-30093: HTCondor 23↗2025-03-27

▶

GHSA

GHSA-v64g-gxm8-whwj: HTCondor 23↗2025-03-27

▶

📋Vendor Advisories

Debian

CVE-2025-30093: condor - HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, a...↗2025

▶