CVE-2022-26110

An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon.
Configurations

Configuration 1

cpe:2.3:a:wisc:htcondor:*:*:*:*:*:*:*:*
cpe:2.3:a:wisc:htcondor:*:*:*:*:*:*:*:*
cpe:2.3:a:wisc:htcondor:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Information

Published : 2022-04-06 02:15

Updated : 2022-09-03 03:34


NVD link : CVE-2022-26110

Mitre link : CVE-2022-26110

Products Affected
No products.