University of Wisconsin–Madison · Condor · CVE-2009-4133
**Name of the Vulnerable Software and Affected Versions**
Condor versions 6.5.4 through 7.2.4
Condor version 7.3.x
Condor version 7.4.0
**Description**
The issue allows remote authenticated users to queue jobs as an arbitrary user and gain privileges by modifying an unspecified job attribute using a Condor command-line tool.
**Recommendations**
For Condor versions 6.5.4 through 7.2.4, consider restricting access to the command-line tool until a fix is available.
For Condor version 7.3.x, restrict the ability to modify job attributes to prevent privilege escalation.
For Condor version 7.4.0, limit the queueing of jobs to authorized users to mitigate the risk of exploitation.