CVE-2010-4179

Published: Dec 7, 2010Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The installation documentation for Red Hat Enterprise Messaging, Realtime and Grid (MRG) 1.3 recommends that Condor should be configured so that the MRG Management Console (cumin) can submit jobs for users, which creates a trusted channel with insufficient access control that allows local users with the ability to publish to a broker to run jobs as arbitrary users via Condor QMF plug-ins.

Affected (1)

Products: Redhat: Enterprise Mrg

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Mrg	Version 1.3

Related CWEs

References (12)

http://secunia.com/advisories/42406

Source: secalert@redhat.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0921.html

Source: secalert@redhat.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0922.html

Source: secalert@redhat.com

Vendor Advisory

http://www.securitytracker.com/id?1024806

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2010/3091

Source: secalert@redhat.com

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=654856

Source: secalert@redhat.com

http://secunia.com/advisories/42406

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0921.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0922.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id?1024806

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2010/3091

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=654856

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.