7
CVE-2026-34397
- EPSS 0.16%
- Veröffentlicht 01.04.2026 17:25:06
- Zuletzt bearbeitet 15.04.2026 17:14:04
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
himmelblau: NSS fake-primary group lookup reintroduces name collision risk
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose mapped CN/short name exactly matches a privileged local group name (e.g., "sudo", "wheel", "docker", "adm") can cause the NSS module to resolve that group name to their fake primary group. If the system uses NSS results for group-based authorization decisions (sudo, polkit, etc.), this can grant the attacker the privileges of that group. This issue has been patched in versions 2.3.9 and 3.1.1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Himmelblau-idm ≫ Himmelblau Version >= 2.0.0 < 2.3.9
Himmelblau-idm ≫ Himmelblau Version >= 3.0.0 < 3.1.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.052 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| security-advisories@github.com | 6.3 | 1 | 5.2 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
https://github.com/himmelblau-idm/himmelblau/security/advisories/GHSA-v7xx-7mqc-g835
https://github.com/himmelblau-idm/himmelblau/releases/tag/2.3.9
https://github.com/himmelblau-idm/himmelblau/releases/tag/3.1.1