{"api_version":"1","generated_at":"2026-04-23T00:38:49+00:00","cve":"CVE-2017-6594","urls":{"html":"https://cve.report/CVE-2017-6594","api":"https://cve.report/api/cve/CVE-2017-6594.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-6594","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-6594"},"summary":{"title":"CVE-2017-6594","description":"The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2017-08-28 19:29:00","updated_at":"2021-08-12 17:50:00"},"problem_types":["CWE-295"],"metrics":[],"references":[{"url":"https://github.com/heimdal/heimdal/releases/tag/heimdal-7.3.0","name":"https://github.com/heimdal/heimdal/releases/tag/heimdal-7.3.0","refsource":"CONFIRM","tags":["Issue Tracking","Patch","Third Party Advisory"],"title":"Release Heimdal 7.3 · heimdal/heimdal · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-updates/2017-08/msg00062.html","name":"openSUSE-SU-2017:2180","refsource":"SUSE","tags":["Third Party Advisory"],"title":"openSUSE-SU-2017:2180-1: moderate: Security update for libheimdal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837","name":"https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837","refsource":"CONFIRM","tags":["Issue Tracking","Patch","Third Party Advisory"],"title":"Fix transit path validation CVE-2017-6594 · heimdal/heimdal@b1e6991 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.h5l.org/advisories.html?show=2017-04-13","name":"http://www.h5l.org/advisories.html?show=2017-04-13","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Heimdal security advisories","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-6594","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6594","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"6594","vulnerable":"1","versionEndIncluding":"7.2.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"h5l","cpe5":"heimdal","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6594","vulnerable":"1","versionEndIncluding":"7.2.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"heimdal_project","cpe5":"heimdal","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6594","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"leap","cpe6":"42.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6594","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"leap","cpe6":"42.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6594","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"leap","cpe6":"42.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6594","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse_project","cpe5":"leap","cpe6":"42.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"6594","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse_project","cpe5":"leap","cpe6":"42.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2017-6594","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://github.com/heimdal/heimdal/releases/tag/heimdal-7.3.0","refsource":"CONFIRM","url":"https://github.com/heimdal/heimdal/releases/tag/heimdal-7.3.0"},{"name":"openSUSE-SU-2017:2180","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-updates/2017-08/msg00062.html"},{"name":"http://www.h5l.org/advisories.html?show=2017-04-13","refsource":"CONFIRM","url":"http://www.h5l.org/advisories.html?show=2017-04-13"},{"name":"https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837","refsource":"CONFIRM","url":"https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837"}]}},"nvd":{"publishedDate":"2017-08-28 19:29:00","lastModifiedDate":"2021-08-12 17:50:00","problem_types":["CWE-295"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*","versionEndIncluding":"7.2.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"6594","Ordinal":"103281","Title":"CVE-2017-6594","CVE":"CVE-2017-6594","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"6594","Ordinal":"1","NoteData":"The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"6594","Ordinal":"2","NoteData":"2017-08-28","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"6594","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}