10

CVE-2012-3416

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Condor ProjectCondor Version <= 7.8.1
Condor ProjectCondor Version6.5.4
Condor ProjectCondor Version6.8.0
Condor ProjectCondor Version6.8.1
Condor ProjectCondor Version6.8.2
Condor ProjectCondor Version6.8.3
Condor ProjectCondor Version6.8.4
Condor ProjectCondor Version6.8.5
Condor ProjectCondor Version6.8.6
Condor ProjectCondor Version6.8.7
Condor ProjectCondor Version6.8.8
Condor ProjectCondor Version6.8.9
Condor ProjectCondor Version7.00
Condor ProjectCondor Version7.0.0
Condor ProjectCondor Version7.0.1
Condor ProjectCondor Version7.0.2
Condor ProjectCondor Version7.0.3
Condor ProjectCondor Version7.0.4
Condor ProjectCondor Version7.0.5
Condor ProjectCondor Version7.0.6
Condor ProjectCondor Version7.01
Condor ProjectCondor Version7.1.0
Condor ProjectCondor Version7.1.1
Condor ProjectCondor Version7.1.2
Condor ProjectCondor Version7.1.3
Condor ProjectCondor Version7.1.4
Condor ProjectCondor Version7.02
Condor ProjectCondor Version7.2.0
Condor ProjectCondor Version7.2.1
Condor ProjectCondor Version7.2.2
Condor ProjectCondor Version7.2.3
Condor ProjectCondor Version7.2.4
Condor ProjectCondor Version7.03
Condor ProjectCondor Version7.3.0
Condor ProjectCondor Version7.3.1
Condor ProjectCondor Version7.3.2
Condor ProjectCondor Version7.4.0
Condor ProjectCondor Version7.4.1
Condor ProjectCondor Version7.8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.88% 0.823
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.