Vulnerability Details : CVE-2017-6594
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
Products affected by CVE-2017-6594
- cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
- cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-6594
- 0.16%: probability of exploitation activity in the next 30 days
- ~ 52%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-6594
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N | 10.0 | 2.9 | NIST | |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 | NIST | |
CWE ids for CVE-2017-6594
- The product does not validate, or incorrectly validates, a certificate. Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-6594
- http://lists.opensuse.org/opensuse-updates/2017-08/msg00062.html
  openSUSE-SU-2017:2180-1: moderate: Security update for libheimdal (Third Party Advisory)
- https://github.com/heimdal/heimdal/releases/tag/heimdal-7.3.0
  Release Heimdal 7.3 · heimdal/heimdal · GitHub (Issue Tracking; Patch; Third Party Advisory)
- http://www.h5l.org/advisories.html?show=2017-04-13
  Heimdal security advisories (Vendor Advisory)
- https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837
  Fix transit path validation CVE-2017-6594 · heimdal/heimdal@b1e6991 · GitHub (Issue Tracking; Patch; Third Party Advisory)