Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-4179
HistoryDec 07, 2010 - 10:00 p.m.

CVE-2010-4179

2010-12-0722:00:02
CWE-264
[email protected]
web.nvd.nist.gov
25
installation documentation
red hat
enterprise messaging
realtime
grid
mrg
condor
cumin
job submission
access control
local users
nvd
cve-2010-4179

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The installation documentation for Red Hat Enterprise Messaging, Realtime and Grid (MRG) 1.3 recommends that Condor should be configured so that the MRG Management Console (cumin) can submit jobs for users, which creates a trusted channel with insufficient access control that allows local users with the ability to publish to a broker to run jobs as arbitrary users via Condor QMF plug-ins.

Affected configurations

NVD
Node
redhatenterprise_mrgMatch1.3

Related

redhat 1
prion 1
cvelist 1
nvd 1
veracode 1
redhat
redhat
(RHSA-2010:0921) Important: Red Hat Enterprise MRG Messaging and Grid security update
2010-11-30 00:00:00
prion
prion
Improper access control
2010-12-07 22:00:00
cvelist
cvelist
CVE-2010-4179
2010-12-07 21:00:00
nvd
nvd
CVE-2010-4179
2010-12-07 22:00:02
veracode
veracode
Authorization Bypass
2020-04-10 00:54:08

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2010-4179
redhat1prion1cvelist1nvd1veracode1