Bug 1198141 (CVE-2021-45104) - VUL-0: CVE-2021-45104: htcondor: Plaintext secrets transmitted if administrator has configured weaker encryption protocols
Summary: VUL-0: CVE-2021-45104: htcondor: Plaintext secrets transmitted if administrat...
Status: RESOLVED FIXED
Alias: CVE-2021-45104
Product: openSUSE Distribution
Classification: openSUSE
Component: Security (show other bugs)
Version: Leap 15.4
Hardware: Other Other
: P3 - Medium : Minor (vote)
Target Milestone: ---
Assignee: Christian Goll
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/328212/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-04-06 10:07 UTC by Cathy Hu
Modified: 2024-03-28 14:04 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Cathy Hu 2022-04-06 10:07:14 UTC 
CVE-2021-45104

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1.
An attacker who can capture HTCondor network data can interfere with users' jobs
and data.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45104
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2022-0002
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2021-0006/
Comment 1 Cathy Hu 2022-04-06 10:07:52 UTC 
Affected:
- openSUSE:Factory/htcondor 9.0.8
Comment 2 Christian Goll 2024-03-28 14:04:20 UTC 
htcondor was removed from factory
Comment 3 Christian Goll 2024-03-28 14:04:35 UTC 
htcondor was removed from factory