- EPSS 0.01%
- Veröffentlicht 01.04.2026 17:25:06
- Zuletzt bearbeitet 15.04.2026 17:14:04
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collisi...
CVE-2026-31979
- EPSS 0.02%
- Veröffentlicht 11.03.2026 19:47:05
- Zuletzt bearbeitet 16.03.2026 18:18:34
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc_<uid> without symlink protections. Since commit 87...
- EPSS 0.27%
- Veröffentlicht 11.03.2026 19:25:21
- Zuletzt bearbeitet 16.03.2026 19:39:37
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau is deployed without a configured tenant domain in himmelblau.conf, authentication is not tenant-scoped. In this mode, Himmelbla...
CVE-2025-54882
- EPSS 0.02%
- Veröffentlicht 07.08.2025 00:02:09
- Zuletzt bearbeitet 09.10.2025 17:36:51
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0, Himmelblau stores the cloud TGT received during logon in the Kerberos credential cache. The created creden...