CVE-2017-16816

NONE EPSS 64.6%
Published Jul 5, 20187y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jul 5, 2018 7y ago
Last Modified Jun 17, 2026 2w ago

Description

The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions.

Threat Intelligence

EPSS Exploit Probability
64.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 2

VendorProductVersionRange
wischtcondor* <8.6.8
wischtcondor*≥8.7.0  –  <8.7.5

References 2

  • research.cs.wisc.edu http://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2017-0001.html
    MitigationVendor Advisory
  • www-auth.cs.wisc.edu https://www-auth.cs.wisc.edu/lists/htcondor-users/2017-November/msg00022.shtml
    Mailing ListVendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.