The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 02:11
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2012-09-28 17:55
Updated : 2024-02-28 12:00
NVD link : CVE-2012-3492
Mitre link : CVE-2012-3492
CVE.ORG link : CVE-2012-3492
JSON object : View
Products Affected
condor_project
- condor
CWE
CWE-287
Improper Authentication