Description
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
References (4)
Core 4
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.3.0
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2017-08/msg00062.html
Vendor Advisory x_refsource_confirm
http://www.h5l.org/advisories.html?show=2017-04-13
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837
Scores
CVSS v3
7.5
EPSS
0.0020
EPSS Percentile
42.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-295
Status
published
Products (3)
heimdal_project/heimdal
< 7.2.0
opensuse/leap
42.2
opensuse/leap
42.3
Published
Aug 28, 2017
Tracked Since
Feb 18, 2026