CVE-2010-4179

The installation documentation for Red Hat Enterprise Messaging, Realtime and Grid (MRG) 1.3 recommends that Condor should be configured so that the MRG Management Console (cumin) can submit jobs for users, which creates a trusted channel with insufficient access control that allows local users with the ability to publish to a broker to run jobs as arbitrary users via Condor QMF plug-ins.

Published: Dec 7, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4179
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
redhat / enterprise_mrg	1.3	1.3.x

http://secunia.com/advisories/42406
http://www.redhat.com/support/errata/RHSA-2010-0921.html
http://www.redhat.com/support/errata/RHSA-2010-0922.html
http://www.securitytracker.com/id?1024806
http://www.vupen.com/english/advisories/2010/3091
https://bugzilla.redhat.com/show_bug.cgi?id=654856

Vulnerability Database

289,697

CVE-2010-4179