CVE-2022-26110: 
HTCondor vulnerability analysis and mitigation

A vulnerability was discovered in HTCondor (CVE-2022-26110) affecting versions 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. The vulnerability allows users who authenticate to an HTCondor daemon via the CLAIMTOBE method to impersonate any entity when issuing additional commands to that daemon (Debian LTS, Debian Security).

The vulnerability specifically affects the authentication mechanism in HTCondor. An attacker only needs READ-level authorization to a vulnerable daemon using the CLAIMTOBE authentication method, which is typically allowed for READ-level commands in the default configuration. This means attackers can execute basic commands like condorq or condorstatus, and potentially escalate their privileges (Debian LTS).

The vulnerability enables attackers to bypass authentication controls and impersonate other users. Many pools do not restrict who can issue READ-level commands, and with CLAIMTOBE being allowed for READ-level commands in the default configuration, attackers could potentially execute commands remotely from an untrusted network, unless prevented by firewall or other network-level access controls (Debian LTS).

The vulnerability has been fixed in multiple versions: HTCondor 8.8.16, 9.0.10, and 9.6.0. For Debian 9 (stretch), the fix was implemented in version 8.4.11~dfsg.1-1+deb9u2, and for Debian 10 (buster) in version 8.6.8~dfsg.1-2+deb10u1. Users are recommended to upgrade their condor packages to these patched versions (Debian Security, Debian LTS).