Arbitrary Idle Job Removal Vulnerability in Condor 7.6.x and 7.8.x

Arbitrary Idle Job Removal Vulnerability in Condor 7.6.x and 7.8.x

CVE-2012-3491 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.

Learn more about our User Device Pen Test.