The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions.
References
Link | Resource |
---|---|
http://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2017-0001.html | Mitigation Vendor Advisory |
https://www-auth.cs.wisc.edu/lists/htcondor-users/2017-November/msg00022.shtml | Mailing List Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
02 Feb 2021, 18:27
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:wisc:htcondor:*:*:*:*:*:*:*:* |
Information
Published : 2018-07-05 20:29
Updated : 2023-12-10 12:30
NVD link : CVE-2017-16816
Mitre link : CVE-2017-16816
CVE.ORG link : CVE-2017-16816
JSON object : View
Products Affected
wisc
- htcondor
CWE
CWE-20
Improper Input Validation