CVE-2009-4133
Published Dec 23, 2009
Last updated 3 years ago
Overview
- Description
- Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:6.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D17C7D49-C87C-4531-9F60-AEA8217BC47B"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8E5E567-70BE-4C89-85BD-75BCA71D8DBC"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C82D2C15-DFD1-40E0-86FC-F48263416AA3"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0C8D4B5-3A8A-42BA-8C9A-98989FA23A65"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA32C2CA-B61F-449B-B90A-054AF177C296"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03F817A5-9926-4AB5-8D25-8B68DC905B05"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52BDAA46-4598-4DC2-8B1B-D85CBF649133"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "524D6F4F-4715-4F68-A069-87CDEF8BB5DA"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3219F472-97A7-4A8E-A45C-DBFB3E25AA17"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB2B77EF-FEC9-4433-8A15-5DF7F51B056D"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:6.8.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B67DCD1-6A39-4E77-AE65-9FADD3A267FE"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "324BAB04-B03E-499C-B58D-320D14740606"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16892FC7-5870-45A8-ABFE-D8EE5A565FF5"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5E7E0F2-825E-4D21-A250-BEECBDDE3C6A"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E6BB9D8-6394-4317-90DF-475DE0FF0567"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9F3C190-977B-4FFA-8DA6-6C1DC337FE94"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1AC9E5EA-CD6B-401A-ACD5-0FA64A32DD5A"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5888B30-EFC0-49D7-BDFC-219226A3BE94"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5985B827-0494-4B99-A0CC-3F2DCB486BBE"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6D49E49-D7C3-4A8D-87DF-26BFE479F0D7"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B921A880-DCC2-4AEB-A113-4AD520AA75D5"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C31EBEA-2CB0-4910-B644-BAA5CB900DF4"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97AAA688-530F-4049-AEF7-B302F984DCDB"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE91D459-EF92-430A-98E8-1131D8BD8682"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0C54D26-9124-49E6-8EBA-00AE0640633A"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F3AD33E-A617-4C13-8858-7DCEDE3FDC87"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C66F0D08-3AE5-482A-B6AD-717475EB2D9C"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDAC286B-A140-44E8-9B29-60B96A6B4555"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F44106D-CD31-4FF2-A589-A7A7492FC0CC"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D973598A-90C0-4AE0-A047-17866BD6DC46"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05A424B0-D3AF-4AF6-8575-4AD6B8E91E51"
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7AA2890-BEC9-4AD6-AF74-6EC810E22AEF"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD09E081-B714-45A1-ACBB-28D805BFD01C"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]