An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access to an HTCondor SchedD or Collector daemon can discover secrets that could allow them to control other users' jobs and/or read their data.
{
"versions": [
{
"introduced": "0"
},
{
"last_affected": "8.8.13"
},
{
"introduced": "9.0.0"
},
{
"last_affected": "9.0.2"
},
{
"introduced": "0"
},
{
"last_affected": "9.1.0"
}
]
}