CVE-2012-3416 Detail

CVE-2012-3416

CVE Descriptions

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-287	Improper Authentication When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	10		AV:N/AC:L/Au:N/C:C/I:C/A:C	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Products Mentioned

Configuraton 0

Condor_project>>Condor >> Version To (including) 7.8.1

Condor_project>>Condor >> Version 7.0.4 (Open CPE detail)
Condor_project>>Condor >> Version 7.2.0 (Open CPE detail)
Condor_project>>Condor >> Version 7.2.1 (Open CPE detail)
Condor_project>>Condor >> Version 7.2.2 (Open CPE detail)
Condor_project>>Condor >> Version 7.2.3 (Open CPE detail)
Condor_project>>Condor >> Version 7.2.4 (Open CPE detail)
Condor_project>>Condor >> Version 7.2.5 (Open CPE detail)
Condor_project>>Condor >> Version 7.3.0 (Open CPE detail)
Condor_project>>Condor >> Version 7.3.1 (Open CPE detail)
Condor_project>>Condor >> Version 7.3.2 (Open CPE detail)
Condor_project>>Condor >> Version 7.4.0 (Open CPE detail)
Condor_project>>Condor >> Version 7.4.1 (Open CPE detail)
Condor_project>>Condor >> Version 7.4.2 (Open CPE detail)
Condor_project>>Condor >> Version 7.5.4 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.0 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.1 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.2 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.3 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.4 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.5 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.6 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.7 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.8 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.9 (Open CPE detail)
Condor_project>>Condor >> Version 7.6.10 (Open CPE detail)
Condor_project>>Condor >> Version 7.7.0 (Open CPE detail)
Condor_project>>Condor >> Version 7.7.1 (Open CPE detail)
Condor_project>>Condor >> Version 7.7.2 (Open CPE detail)
Condor_project>>Condor >> Version 7.7.3 (Open CPE detail)
Condor_project>>Condor >> Version 7.7.4 (Open CPE detail)
Condor_project>>Condor >> Version 7.7.5 (Open CPE detail)
Condor_project>>Condor >> Version 7.7.6 (Open CPE detail)
Condor_project>>Condor >> Version 7.8.0 (Open CPE detail)
Condor_project>>Condor >> Version 7.8.1 (Open CPE detail)

Condor_project>>Condor >> Version 6.5.4

Condor_project>>Condor >> Version 6.8.0

Condor_project>>Condor >> Version 6.8.1

Condor_project>>Condor >> Version 6.8.2

Condor_project>>Condor >> Version 6.8.3

Condor_project>>Condor >> Version 6.8.4

Condor_project>>Condor >> Version 6.8.5

Condor_project>>Condor >> Version 6.8.6

Condor_project>>Condor >> Version 6.8.7

Condor_project>>Condor >> Version 6.8.8

Condor_project>>Condor >> Version 6.8.9

Condor_project>>Condor >> Version 7.00

Condor_project>>Condor >> Version 7.0.0

Condor_project>>Condor >> Version 7.0.1

Condor_project>>Condor >> Version 7.0.2

Condor_project>>Condor >> Version 7.0.3

Condor_project>>Condor >> Version 7.0.4

Condor_project>>Condor >> Version 7.0.4 (Open CPE detail)

Condor_project>>Condor >> Version 7.0.5

Condor_project>>Condor >> Version 7.0.6

Condor_project>>Condor >> Version 7.01

Condor_project>>Condor >> Version 7.1.0

Condor_project>>Condor >> Version 7.1.1

Condor_project>>Condor >> Version 7.1.2

Condor_project>>Condor >> Version 7.1.3

Condor_project>>Condor >> Version 7.1.4

Condor_project>>Condor >> Version 7.02

Condor_project>>Condor >> Version 7.2.0

Condor_project>>Condor >> Version 7.2.0 (Open CPE detail)

Condor_project>>Condor >> Version 7.2.1

Condor_project>>Condor >> Version 7.2.1 (Open CPE detail)

Condor_project>>Condor >> Version 7.2.2

Condor_project>>Condor >> Version 7.2.2 (Open CPE detail)

Condor_project>>Condor >> Version 7.2.3

Condor_project>>Condor >> Version 7.2.3 (Open CPE detail)

Condor_project>>Condor >> Version 7.2.4

Condor_project>>Condor >> Version 7.2.4 (Open CPE detail)

Condor_project>>Condor >> Version 7.03

Condor_project>>Condor >> Version 7.3.0

Condor_project>>Condor >> Version 7.3.0 (Open CPE detail)

Condor_project>>Condor >> Version 7.3.1

Condor_project>>Condor >> Version 7.3.1 (Open CPE detail)

Condor_project>>Condor >> Version 7.3.2

Condor_project>>Condor >> Version 7.3.2 (Open CPE detail)

Condor_project>>Condor >> Version 7.4.0

Condor_project>>Condor >> Version 7.4.0 (Open CPE detail)

Condor_project>>Condor >> Version 7.4.1

Condor_project>>Condor >> Version 7.4.1 (Open CPE detail)

Condor_project>>Condor >> Version 7.8.0

Condor_project>>Condor >> Version 7.8.0 (Open CPE detail)

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/77748
Tags : vdb-entry, x_refsource_XF

http://rhn.redhat.com/errata/RHSA-2012-1168.html
Tags : vendor-advisory, x_refsource_REDHAT

http://www.securitytracker.com/id?1027395
Tags : vdb-entry, x_refsource_SECTRACK

http://osvdb.org/84766
Tags : vdb-entry, x_refsource_OSVDB

http://secunia.com/advisories/50246
Tags : third-party-advisory, x_refsource_SECUNIA

http://www.securityfocus.com/bid/55032
Tags : vdb-entry, x_refsource_BID

http://secunia.com/advisories/50294
Tags : third-party-advisory, x_refsource_SECUNIA

http://rhn.redhat.com/errata/RHSA-2012-1169.html
Tags : vendor-advisory, x_refsource_REDHAT

http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html
Tags : x_refsource_CONFIRM

CVE-2012-3416 : Detail