Condor Project » Condor : Security Vulnerabilities, CVEs, Published In 2013
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
Max CVSS
3.5
EPSS Score
0.73%
Published
2013-10-11
Updated
2021-07-15
aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.
Max CVSS
4.3
EPSS Score
0.69%
Published
2013-03-14
Updated
2023-02-13
The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
Max CVSS
4.0
EPSS Score
0.34%
Published
2013-10-11
Updated
2021-07-15
3 vulnerabilities found