Vulnerabilities > Wisc

DATE CVE VULNERABILITY TITLE RISK
2022-04-06 CVE-2021-45104 Cleartext Transmission of Sensitive Information vulnerability in Wisc Htcondor
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1.
network
high complexity
wisc CWE-319
7.4
7.4
2022-04-06 CVE-2022-26110 An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0.
network
low complexity
wisc debian
8.8
8.8
2022-04-06 CVE-2021-45103 Information Exposure Through Log Files vulnerability in Wisc Htcondor
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1.
network
low complexity
wisc CWE-532
8.1
8.1
2021-12-16 CVE-2021-45101 Unspecified vulnerability in Wisc Htcondor
An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2.
network
low complexity
wisc
8.1
8.1
2021-12-16 CVE-2021-45102 Incorrect Authorization vulnerability in Wisc Htcondor
An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2.
network
low complexity
wisc CWE-863
8.8
8.8
2021-01-27 CVE-2021-25312 Missing Authentication for Critical Function vulnerability in Wisc Htcondor
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.
network
low complexity
wisc CWE-306
8.8
8.8
2021-01-27 CVE-2021-25311 Path Traversal vulnerability in Wisc Htcondor
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.
network
low complexity
wisc CWE-22
critical
 9.9
9.9
2020-04-27 CVE-2019-18823 Improper Authentication vulnerability in multiple products
HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control.
network
low complexity
wisc fedoraproject debian CWE-287
critical
 9.8
9.8
2020-01-31 CVE-2014-8126 Improper Input Validation vulnerability in Wisc Htcondor
The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code.
network
low complexity
wisc CWE-20
8.8
8.8
2020-01-09 CVE-2012-3490 Unspecified vulnerability in Wisc Htcondor
The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.
network
low complexity
wisc
8.8
8.8