RSS   Podatności dla 'Htcondor'   RSS

2021-01-27
 
CVE-2021-25312

CWE-306
 

 
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.

 
 
CVE-2021-25311

CWE-22
 

 
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.

 


Copyright 2024, cxsecurity.com

 

Back to Top