CVE-2012-3416

EPSS 1.88%
Published 25.08.2012 10:29:50
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.

Affected products Warnungen 0 Metrics 2 CWE 1 References 12

Data is provided by the National Vulnerability Database (NVD)

Condor Project ≫ Condor Version <= 7.8.1

Condor Project ≫ Condor Version6.5.4

Condor Project ≫ Condor Version6.8.0

Condor Project ≫ Condor Version6.8.1

Condor Project ≫ Condor Version6.8.2

Condor Project ≫ Condor Version6.8.3

Condor Project ≫ Condor Version6.8.4

Condor Project ≫ Condor Version6.8.5

Condor Project ≫ Condor Version6.8.6

Condor Project ≫ Condor Version6.8.7

Condor Project ≫ Condor Version6.8.8

Condor Project ≫ Condor Version6.8.9

Condor Project ≫ Condor Version7.00

Condor Project ≫ Condor Version7.0.0

Condor Project ≫ Condor Version7.0.1

Condor Project ≫ Condor Version7.0.2

Condor Project ≫ Condor Version7.0.3

Condor Project ≫ Condor Version7.0.4

Condor Project ≫ Condor Version7.0.5

Condor Project ≫ Condor Version7.0.6

Condor Project ≫ Condor Version7.01

Condor Project ≫ Condor Version7.1.0

Condor Project ≫ Condor Version7.1.1

Condor Project ≫ Condor Version7.1.2

Condor Project ≫ Condor Version7.1.3

Condor Project ≫ Condor Version7.1.4

Condor Project ≫ Condor Version7.02

Condor Project ≫ Condor Version7.2.0

Condor Project ≫ Condor Version7.2.1

Condor Project ≫ Condor Version7.2.2

Condor Project ≫ Condor Version7.2.3

Condor Project ≫ Condor Version7.2.4

Condor Project ≫ Condor Version7.03

Condor Project ≫ Condor Version7.3.0

Condor Project ≫ Condor Version7.3.1

Condor Project ≫ Condor Version7.3.2

Condor Project ≫ Condor Version7.4.0

Condor Project ≫ Condor Version7.4.1

Condor Project ≫ Condor Version7.8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.88%	0.823

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://osvdb.org/84766

http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html

http://rhn.redhat.com/errata/RHSA-2012-1168.html

http://rhn.redhat.com/errata/RHSA-2012-1169.html

http://secunia.com/advisories/50246

Vendor Advisory

http://secunia.com/advisories/50294

Vendor Advisory

http://www.securityfocus.com/bid/55032

http://www.securitytracker.com/id?1027395

https://exchange.xforce.ibmcloud.com/vulnerabilities/77748

https://nvd.nist.gov/vuln/detail/CVE-2012-3416

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-3416

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-3416

EUVD