PT-2021-24207 · Htcondor · Htcondor

Jaime Frey

Published

2021-12-16

Updated

2023-08-08

CVE-2021-45101

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: HTCondor versions prior to 8.8.15 HTCondor versions 9.0.x prior to 9.0.4 HTCondor versions 9.1.x prior to 9.1.2

Description: An issue was discovered in HTCondor that allows a user with only READ access to an HTCondor SchedD or Collector daemon to discover secrets. These secrets could allow them to control other users' jobs and/or read their data using standard command-line tools.

Recommendations: For HTCondor versions prior to 8.8.15, update to version 8.8.15 or later. For HTCondor versions 9.0.x prior to 9.0.4, update to version 9.0.4 or later. For HTCondor versions 9.1.x prior to 9.1.2, update to version 9.1.2 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-45101

Affected Products

Htcondor

PT-2021-24207 · Htcondor · Htcondor

CVE-2021-45101

Related Identifiers

Affected Products

References · 9