{"id":"CVE-2021-45102","details":"An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2. When authenticating to an HTCondor daemon using a SciToken, a user may be granted authorizations beyond what the token should allow.","modified":"2026-04-12T03:55:25.807331Z","published":"2021-12-16T05:15:08.917Z","references":[{"type":"ADVISORY","url":"https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2021-0004/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/htcondor/htcondor","events":[{"introduced":"0"},{"last_affected":"397ce7a3488d7b4e41168b0d039b19468138eeea"},{"last_affected":"4b1b53bb3920f54f30d9124c6b73643bf96f0c33"},{"last_affected":"f4a0614b5bb32fb2fefec799af389bae335d57a4"},{"last_affected":"25be8bba5ab8a4160122358ddd5612a5de22091c"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"9.0.0"},{"last_affected":"9.0.1"},{"last_affected":"9.0.2"},{"last_affected":"9.1.0"}],"cpe":["cpe:2.3:a:wisc:htcondor:9.0.0:*:*:*:*:*:*:*","cpe:2.3:a:wisc:htcondor:9.0.1:*:*:*:*:*:*:*","cpe:2.3:a:wisc:htcondor:9.0.2:*:*:*:*:*:*:*","cpe:2.3:a:wisc:htcondor:9.1.0:*:*:*:*:*:*:*"]}}],"versions":["V7_3_0","V8_9_6_a1","V9_0_0","V9_0_0_a1","V9_0_1","V9_0_1_a1","V9_0_2","V9_0_2_a1","V9_1_0","V9_1_0_a1","classads_1_0_7","classads_1_0_8"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45102.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}