CVE-2017-6594

The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
Configurations

Configuration 1 (hide)

cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

History

12 Aug 2021, 17:50

Type Values Removed Values Added
CPE cpe:2.3:o:opensuse_project:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:a:h5l:heimdal:*:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*

Information

Published : 2017-08-28 19:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-6594

Mitre link : CVE-2017-6594

CVE.ORG link : CVE-2017-6594


JSON object : View

Products Affected

heimdal_project

  • heimdal

opensuse

  • leap
CWE
CWE-295

Improper Certificate Validation