HTCondor · HTCondor · CVE-2019-18823
Name of the Vulnerable Software and Affected Versions:
HTCondor versions 8.8.6 and earlier
HTCondor versions 8.9.4 and earlier
Description:
The issue is an Incorrect Access Control flaw that allows a job to be submitted using a different authentication method than the one the administrator has specified. If the administrator has configured the READ or WRITE methods to include CLAIMTOBE, it is possible to impersonate another user to the condor_schedd, potentially allowing actions such as submitting or removing jobs.
Recommendations:
For HTCondor versions 8.8.6 and earlier, update to a version that includes the fix for this issue.
For HTCondor versions 8.9.4 and earlier, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting the use of CLAIMTOBE in the READ and WRITE methods to prevent impersonation.
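
An added example (not from the advisory or the HTCondor project) of checking configuration text for the workaround above: it reports the READ and WRITE access levels whose effective authentication method list includes CLAIMTOBE. It assumes the advisory's "READ or WRITE methods" correspond to the SEC_READ_AUTHENTICATION_METHODS and SEC_WRITE_AUTHENTICATION_METHODS knobs, with SEC_DEFAULT_AUTHENTICATION_METHODS as the fallback, and it does not expand $(MACRO) references; the sample configuration is constructed.

```python
import re

# Knob names are HTCondor's per-access-level authentication settings; mapping the
# advisory's "READ or WRITE methods" onto them is an assumption of this example.
LEVELS = ("READ", "WRITE")
DEFAULT_KNOB = "SEC_DEFAULT_AUTHENTICATION_METHODS"

# Constructed sample configuration, not taken from a real pool.
SAMPLE_CONFIG = """\
# local overrides
SEC_DEFAULT_AUTHENTICATION_METHODS = FS, KERBEROS
SEC_READ_AUTHENTICATION_METHODS = FS, ClaimToBe
sec_write_authentication_methods = FS,\\
    KERBEROS
"""

def parse_config(text):
    """Return {UPPERCASE_KNOB: value}; later assignments override earlier ones."""
    text = text.replace("\\\n", " ")  # join backslash-continued lines
    knobs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, sep, value = line.partition("=")
        if sep:
            knobs[name.strip().upper()] = value.strip()
    return knobs

def methods_for(knobs, level):
    """Effective method list for a level, falling back to the DEFAULT knob."""
    knob = f"SEC_{level}_AUTHENTICATION_METHODS"
    source = knob if knob in knobs else DEFAULT_KNOB
    return source, [m.upper() for m in re.split(r"[,\s]+", knobs.get(source, "")) if m]

def audit(text):
    """Return [(level, knob)] for each level whose method list has CLAIMTOBE."""
    knobs = parse_config(text)
    findings = []
    for level in LEVELS:
        source, methods = methods_for(knobs, level)
        if "CLAIMTOBE" in methods:
            findings.append((level, source))
    return findings

if __name__ == "__main__":
    for level, knob in audit(SAMPLE_CONFIG):
        print(f"{level}: CLAIMTOBE allowed via {knob}")
```

A level that has no knob of its own inherits the default list, so a CLAIMTOBE entry in the default knob is reported for every level that does not override it.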