CVE-2012-5390

Published Jun 6, 2014

Last updated 10 years ago

CVSS info 10.0

Overview

Description: The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12276DD9-6777-453A-8246-152CE4C8FCD1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A1C1780-D08E-4E91-9379-CC6070360859"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD6855FF-3285-48CA-951B-7B2CD53CCB16"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "536EBEBB-3957-4080-84D8-AC77A1452F2A"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31EC8BC4-F8F8-41E5-A823-D640B2719554"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A997604-130B-469F-A150-B96FE1F3942D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E2F6B46-B99F-4832-95A5-9F758DC56010"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C37E677-EA9D-4D31-9D6A-24501E51FCC6"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0E78B62-0DD3-4953-AB95-6880ED7A60DE"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.7.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3318A37-27D8-4D12-B59E-FF5ED12953FC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References