An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2. When authenticating to an HTCondor daemon using a SciToken, a user may be granted authorizations beyond what the token should allow.
References
Link | Resource |
---|---|
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2021-0004/ | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-16T04:46:58
Updated: 2021-12-16T04:46:58
Reserved: 2021-12-16T00:00:00
Link: CVE-2021-45102
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-16T05:15:08.917
Modified: 2021-12-22T19:51:33.407
Link: CVE-2021-45102
JSON object: View
Redhat Information
No data.
CWE