← Back

CVE-2012-3492

nvd nist
Published: Sep 28, 2012Modified: Apr 29, 2026

JSON object

Loading...
6.4
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:N
Exploitability: 10.0 / Impact: 4.9
Source: NVD

Description

The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.

Affected (14)

Condor Project
1 product
Condor
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Condor Project
Condor
Version 7.6.0
Condor
Version 7.6.1
Condor
Version 7.6.2
Condor
Version 7.6.3
Condor
Version 7.6.4
Condor
Version 7.6.5
Condor
Version 7.6.6
Condor
Version 7.6.7
Condor
Version 7.6.8
Condor
Version 7.6.9
Condor
Version 7.8.0
Condor
Version 7.8.1
Condor
Version 7.8.2
Condor
Version 7.8.3

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (18)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.