CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25311

condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.028

EPSS Ranking 85.4%

CVSS Severity

CVSS v3 Score 9.9

CVSS v2 Score 9.0

References

https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2021-0002.html
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2021-0002.html

Products affected by CVE-2021-25311

Wisc » Htcondor » Version: 8.9.10

cpe:2.3:a:wisc:htcondor:8.9.10
Wisc » Htcondor » Version: 8.9.7

cpe:2.3:a:wisc:htcondor:8.9.7
Wisc » Htcondor » Version: 8.9.8

cpe:2.3:a:wisc:htcondor:8.9.8
Wisc » Htcondor » Version: 8.9.9

cpe:2.3:a:wisc:htcondor:8.9.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25311

Products

Pricing

Contact Us