7.5
CVE-2011-2907
- EPSS 2.88%
- Veröffentlicht 15.08.2011 19:55:04
- Zuletzt bearbeitet 16.06.2026 23:32:13
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginTerascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Clusterresources ≫ Torque Resource Manager Version <= 3.0.1
Clusterresources ≫ Torque Resource Manager Version2.1.0
Clusterresources ≫ Torque Resource Manager Version2.1.0p11
Clusterresources ≫ Torque Resource Manager Version2.1.1
Clusterresources ≫ Torque Resource Manager Version2.1.2
Clusterresources ≫ Torque Resource Manager Version2.1.3
Clusterresources ≫ Torque Resource Manager Version2.1.6
Clusterresources ≫ Torque Resource Manager Version2.1.7
Clusterresources ≫ Torque Resource Manager Version2.1.8
Clusterresources ≫ Torque Resource Manager Version2.1.9
Clusterresources ≫ Torque Resource Manager Version2.1.10
Clusterresources ≫ Torque Resource Manager Version2.1.11
Clusterresources ≫ Torque Resource Manager Version2.2.1
Clusterresources ≫ Torque Resource Manager Version2.3.0
Clusterresources ≫ Torque Resource Manager Version2.3.1
Clusterresources ≫ Torque Resource Manager Version2.3.2
Clusterresources ≫ Torque Resource Manager Version2.3.3
Clusterresources ≫ Torque Resource Manager Version2.3.4
Clusterresources ≫ Torque Resource Manager Version2.3.5
Clusterresources ≫ Torque Resource Manager Version2.3.6
Clusterresources ≫ Torque Resource Manager Version2.3.7
Clusterresources ≫ Torque Resource Manager Version2.3.8
Clusterresources ≫ Torque Resource Manager Version2.3.9
Clusterresources ≫ Torque Resource Manager Version2.3.10
Clusterresources ≫ Torque Resource Manager Version2.3.11
Clusterresources ≫ Torque Resource Manager Version2.3.12
Clusterresources ≫ Torque Resource Manager Version2.3.13
Clusterresources ≫ Torque Resource Manager Version2.4.2
Clusterresources ≫ Torque Resource Manager Version2.4.3
Clusterresources ≫ Torque Resource Manager Version2.4.4
Clusterresources ≫ Torque Resource Manager Version2.4.5
Clusterresources ≫ Torque Resource Manager Version2.4.6
Clusterresources ≫ Torque Resource Manager Version2.4.7
Clusterresources ≫ Torque Resource Manager Version2.4.8
Clusterresources ≫ Torque Resource Manager Version2.4.9
Clusterresources ≫ Torque Resource Manager Version2.4.10
Clusterresources ≫ Torque Resource Manager Version2.4.11
Clusterresources ≫ Torque Resource Manager Version2.4.12
Clusterresources ≫ Torque Resource Manager Version2.4.13
Clusterresources ≫ Torque Resource Manager Version2.5.0
Clusterresources ≫ Torque Resource Manager Version2.5.1
Clusterresources ≫ Torque Resource Manager Version2.5.2
Clusterresources ≫ Torque Resource Manager Version2.5.3
Clusterresources ≫ Torque Resource Manager Version2.5.4
Clusterresources ≫ Torque Resource Manager Version2.5.5
Clusterresources ≫ Torque Resource Manager Version3.0.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.88% | 0.85 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
http://secunia.com/advisories/45524
http://www.clusterresources.com/pipermail/torqueusers/2011-August/013194.html
http://www.openwall.com/lists/oss-security/2011/08/11/1
http://www.securityfocus.com/bid/49119
https://bugzilla.redhat.com/show_bug.cgi?id=713090
https://exchange.xforce.ibmcloud.com/vulnerabilities/69138
https://wiki.egi.eu/wiki/SVG:Advisory-SVG-2011-2296