CVE-2017-16816

MEDIUM

HTCondor < 8.6.8 and 8.7.x < 8.7.5 - Authenticated Denial of Service in condor_schedd via GSI and VOMS Extensions

Title source: llm
STIX 2.1

Description

The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions.

References (2)

Core 2
Core References
Mailing List, Vendor Advisory mailing-list x_refsource_mlist
https://www-auth.cs.wisc.edu/lists/htcondor-users/2017-November/msg00022.shtml

Scores

CVSS v3 6.5
EPSS 0.0121
EPSS Percentile 64.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (1)
wisc/htcondor < 8.6.8
Published Jul 05, 2018
Tracked Since Feb 18, 2026