10
CVE-2012-3416
- EPSS 5.1%
- Veröffentlicht 25.08.2012 10:29:50
- Zuletzt bearbeitet 16.06.2026 23:43:10
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Condor Project ≫ Condor Version <= 7.8.1
Condor Project ≫ Condor Version6.5.4
Condor Project ≫ Condor Version6.8.0
Condor Project ≫ Condor Version6.8.1
Condor Project ≫ Condor Version6.8.2
Condor Project ≫ Condor Version6.8.3
Condor Project ≫ Condor Version6.8.4
Condor Project ≫ Condor Version6.8.5
Condor Project ≫ Condor Version6.8.6
Condor Project ≫ Condor Version6.8.7
Condor Project ≫ Condor Version6.8.8
Condor Project ≫ Condor Version6.8.9
Condor Project ≫ Condor Version7.00
Condor Project ≫ Condor Version7.0.0
Condor Project ≫ Condor Version7.0.1
Condor Project ≫ Condor Version7.0.2
Condor Project ≫ Condor Version7.0.3
Condor Project ≫ Condor Version7.0.4
Condor Project ≫ Condor Version7.0.5
Condor Project ≫ Condor Version7.0.6
Condor Project ≫ Condor Version7.01
Condor Project ≫ Condor Version7.1.0
Condor Project ≫ Condor Version7.1.1
Condor Project ≫ Condor Version7.1.2
Condor Project ≫ Condor Version7.1.3
Condor Project ≫ Condor Version7.1.4
Condor Project ≫ Condor Version7.02
Condor Project ≫ Condor Version7.2.0
Condor Project ≫ Condor Version7.2.1
Condor Project ≫ Condor Version7.2.2
Condor Project ≫ Condor Version7.2.3
Condor Project ≫ Condor Version7.2.4
Condor Project ≫ Condor Version7.03
Condor Project ≫ Condor Version7.3.0
Condor Project ≫ Condor Version7.3.1
Condor Project ≫ Condor Version7.3.2
Condor Project ≫ Condor Version7.4.0
Condor Project ≫ Condor Version7.4.1
Condor Project ≫ Condor Version7.8.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.1% | 0.913 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
http://osvdb.org/84766
http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html
http://rhn.redhat.com/errata/RHSA-2012-1168.html
http://rhn.redhat.com/errata/RHSA-2012-1169.html
http://secunia.com/advisories/50246
http://secunia.com/advisories/50294
http://www.securityfocus.com/bid/55032
http://www.securitytracker.com/id?1027395
https://exchange.xforce.ibmcloud.com/vulnerabilities/77748