himmelblau-idm/himmelblau vulnerabilities
10 known vulnerabilities affecting himmelblau-idm/himmelblau.
Total CVEs: 10
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 4, MEDIUM 3, LOW 2
Vulnerabilities
CVE-2026-31957 | CRITICAL | CVSS 10.0 | priority P2 | CWE-1188 (Initialization of a Resource with an Insecure Default)
Affected: >= 3.0.0, < 3.1.0. Fixed in 3.1.0. Published 2026-03-11.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau is deployed without a configured tenant domain in himmelblau.conf, authentication is not tenant-scoped. In this mode, Himmelblau can accept authentication attempts for arbitrary Entra ID domains by dynamically registering pro […]
Source: NVD
CVE-2026-45108 | HIGH | CVSS 8.4 | priority P3 | CWE-863 (Incorrect Authorization)
Affected: >= 2.0.0, < 2.3.11; >= 3.0.0-alpha, < 3.1.5. Published 2026-05-27.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant (DAG) flow that allowed a user within the same Entra ID domain to obtain a local Unix session as another user by providing their own valid […]
Source: NVD
CVE-2026-31979 | HIGH | CVSS 7.8 | priority P3 | CWE-59 (Improper Link Resolution Before File Access, "Link Following")
Affected: >= 1.0.0, < 2.3.8; >= 3.0.0, < 3.1.0 (+2 more ranges not shown). Published 2026-03-11.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc_ without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the tasks daemon's systemd hardening, exposing it to the host /tm […]
Source: NVD
CVE-2025-54882 | HIGH | CVSS 7.1 | priority P4 | CWE-522 (Insufficiently Protected Credentials)
Affected: >= 0.8.0, < 0.9.22; >= 1.0.0, < 1.2.0 (+2 more ranges not shown). Published 2025-08-07.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0, Himmelblau stores the cloud TGT received during logon in the Kerberos credential cache. The created credential cache collection and received credentials are stored as world readable. This is fixed in versions […]
Source: NVD
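The two advisories above share one root cause class: a root daemon creating credential cache files in a shared directory with neither symlink protection (CVE-2026-31979) nor a restrictive mode (CVE-2025-54882). The example below is added here and is not Himmelblau code; it stages a planted symlink in a private temporary directory (a constructed stand-in for the host /tmp) and contrasts the naive open-for-write with an open that uses O_CREAT|O_EXCL|O_NOFOLLOW and an explicit 0600 mode. The file name krb5cc_1000 and the victim file are constructed for the demonstration.

```python
import os
import stat
import tempfile

# Hardened open flags: create the file (O_CREAT), fail if *anything* already
# exists at the path, a symlink included (O_EXCL), and never follow a symlink
# as the final path component (O_NOFOLLOW; Linux and BSD).
SAFE_FLAGS = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW


def write_ccache_unsafe(path: str, data: bytes) -> None:
    """The pattern the advisories describe: open-for-write through whatever
    sits at `path`. A planted symlink redirects the write to its target, and
    the mode is left to the umask (0022 yields a world-readable 0644 file)."""
    with open(path, "wb") as fh:
        fh.write(data)


def write_ccache_safe(path: str, data: bytes) -> None:
    """Create the cache file with mode 0600 and fail closed if the path already
    exists in any form. Raises FileExistsError on a planted symlink."""
    fd = os.open(path, SAFE_FLAGS, 0o600)
    try:
        os.fchmod(fd, 0o600)  # os.open applies the umask; pin the mode explicitly
        os.write(fd, data)
    finally:
        os.close(fd)


def is_world_readable(path: str) -> bool:
    """CVE-2025-54882 condition: any permission bit for 'other' is set."""
    return bool(os.stat(path).st_mode & stat.S_IRWXO)


def demo() -> dict:
    """Stage the symlink attack in a private temp dir (constructed stand-in
    for the shared host /tmp) and exercise both writers."""
    with tempfile.TemporaryDirectory() as tmp:
        victim = os.path.join(tmp, "victim")  # stands in for a root-owned file
        with open(victim, "wb") as fh:
            fh.write(b"original")
        planted = os.path.join(tmp, "krb5cc_1000")  # predictable name, as in the advisory
        os.symlink(victim, planted)

        write_ccache_unsafe(planted, b"TGT-BLOB")
        with open(victim, "rb") as fh:
            clobbered = fh.read() == b"TGT-BLOB"  # the write followed the symlink

        try:
            write_ccache_safe(planted, b"TGT-BLOB")
            refused = False
        except FileExistsError:
            refused = True  # O_EXCL refuses the pre-existing symlink

        os.unlink(planted)
        old_umask = os.umask(0o022)  # permissive umask a daemon might inherit
        try:
            write_ccache_safe(planted, b"TGT-BLOB")
        finally:
            os.umask(old_umask)

        return {
            "unsafe_followed_symlink": clobbered,
            "safe_refused_symlink": refused,
            "safe_file_world_readable": is_world_readable(planted),
            "safe_file_mode": stat.S_IMODE(os.stat(planted).st_mode),
        }


if __name__ == "__main__":
    print(demo())
```

Even with these flags, a per-user cache directory created with mode 0700 (or a systemd unit that keeps PrivateTmp= enabled) removes the shared-directory race altogether; the O_EXCL|O_NOFOLLOW open is the defence that still holds when that isolation is missing, as the advisory says it was for the tasks daemon.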
CVE-2026-34397 | HIGH | CVSS 7.0 | priority P4 | CWE-269 (Improper Privilege Management)
Affected: >= 2.0.0, < 2.3.9; >= 3.0.0, < 3.1.1 (+2 more ranges not shown). Published 2026-04-01.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose mapped CN/short name exactly matches a privileged local g […]
Source: NVD
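The advisory's precondition is an exact match between a mapped Entra ID short name and a privileged local group name. The check below is an added example, not Himmelblau code: given the text of /etc/group and the list of short names a host maps (how Himmelblau derives those names is not described on this page, so the list is taken as input), it reports every collision and marks the ones that land on a root-equivalent group. The /etc/group excerpt, the mapped names and the privileged-group list are constructed.

```python
# Local groups whose name collision would hand out root-equivalent power.
# Constructed list; extend it for site-specific groups (e.g. lxd, libvirt).
PRIVILEGED_LOCAL_GROUPS = frozenset(
    {"root", "wheel", "sudo", "adm", "admin", "shadow", "disk", "docker"}
)


def parse_etc_group(text: str) -> dict:
    """Map local group name -> GID from /etc/group-formatted text."""
    groups = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) >= 3 and fields[2].isdigit():
            groups[fields[0]] = int(fields[2])
    return groups


def name_collisions(etc_group_text: str, mapped_short_names,
                    privileged=PRIVILEGED_LOCAL_GROUPS) -> dict:
    """Return {short_name: 'privileged' | 'local'} for every mapped short
    name that exactly matches a local group name."""
    local = parse_etc_group(etc_group_text)
    out = {}
    for name in mapped_short_names:
        if name in local:
            out[name] = "privileged" if name in privileged else "local"
    return out


# Constructed /etc/group excerpt and constructed list of mapped short names.
SAMPLE_ETC_GROUP = """\
root:x:0:
wheel:x:10:alice
sudo:x:27:
games:x:60:
nogroup:x:65534:
"""
SAMPLE_MAPPED_NAMES = ["alice", "sudo", "games", "bob"]

if __name__ == "__main__":
    print(name_collisions(SAMPLE_ETC_GROUP, SAMPLE_MAPPED_NAMES))
```

On a real host, pass `open("/etc/group").read()` and the short names you expect Himmelblau to map; any "privileged" hit is a user to rename or a host to patch to 2.3.9 / 3.1.1 or later.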
CVE-2025-49012 | MEDIUM | CVSS 5.4 | priority P4 | CWE-287 (Improper Authentication)
Affected: >= 0.9.0, < 0.9.15; = 1.0.0-alpha. Published 2025-06-05.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau versions 0.9.0 through 0.9.14 and 1.0.0-alpha are vulnerable to a privilege escalation issue when Entra ID group-based access restrictions are configured using group display names instead of object IDs. Starting in version 0.9.0, Himmelblau introduced support […]
Source: NVD
CVE-2025-53013 | MEDIUM | CVSS 5.2 | priority P4 | CWE-287 (Improper Authentication)
Affected: >= 0.9.10, < 0.9.17. Published 2025-06-26.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an *invalid* Linux Hello PIN, provided the host is offline. While the user gains access to the local system, Single Sign-On (SSO) fails due to th […]
Source: NVD
CVE-2025-59044 | MEDIUM | CVSS 4.4 | priority P4 | CWE-1188 (Initialization of a Resource with an Insecure Default)
Affected: >= 0.9.0, < 0.9.23. Published 2025-09-09.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf `id_attr_map = name` (the default configuration). Because Microsoft Entra ID allows multiple groups with the same `displayName` (including end-user–created person […]
Source: NVD
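Three of the entries on this page are configuration-dependent: an unset tenant domain (CVE-2026-31957), group restrictions written as display names rather than object IDs (CVE-2025-49012), and `id_attr_map = name` (CVE-2025-59044). The linter below is an added example, not part of Himmelblau, that reads a himmelblau.conf `[global]` section and flags each condition. The key names `domains` and `pam_allow_groups`, and the alternative value `id_attr_map = uuid`, are assumed from the project's configuration format and should be checked against the man page of the installed version; only `id_attr_map = name` appears on this page. The two sample configurations and the object ID in them are constructed.

```python
import configparser
import re
from typing import List

# GUID form used for Entra ID object IDs.
OBJECT_ID = re.compile(
    r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", re.I
)


def audit_himmelblau_conf(text: str) -> List[str]:
    """Return findings for the himmelblau.conf text given. Only the [global]
    section is inspected. Key names are assumed (see lead-in)."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    g = cp["global"] if cp.has_section("global") else {}
    findings = []

    # CVE-2026-31957: no tenant domain -> authentication is not tenant-scoped.
    domains = [d.strip() for d in g.get("domains", "").split(",") if d.strip()]
    if not domains:
        findings.append("no tenant domain configured (domains is empty): "
                        "logons are not tenant-scoped")

    # CVE-2025-49012: group restrictions by display name instead of object ID.
    for raw in g.get("pam_allow_groups", "").split(","):
        entry = raw.strip()
        if entry and not OBJECT_ID.match(entry):
            findings.append(f"pam_allow_groups entry {entry!r} is a display "
                            "name, not an object ID")

    # CVE-2025-59044: GIDs derived from displayName when id_attr_map = name,
    # which the advisory states is the 0.9.x default.
    if g.get("id_attr_map", "name").strip().lower() == "name":
        findings.append("id_attr_map is 'name' (the default): GIDs are derived "
                        "from the non-unique group displayName")
    return findings


# Constructed configurations: the weak one triggers all three findings.
WEAK_CONF = """
[global]
pam_allow_groups = Linux Admins
"""

HARDENED_CONF = """
[global]
domains = contoso.onmicrosoft.com
pam_allow_groups = 7f3c1b2e-9a4d-4e1f-8b6c-2d5e7f9a1b3c
id_attr_map = uuid
"""

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_himmelblau_conf(conf) or ["no findings"])
```

Run it against `/etc/himmelblau/himmelblau.conf`. Note that for CVE-2025-59044 the linter can only report the setting; whether two groups in the tenant actually share a displayName is a tenant-side property the host cannot see.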
CVE-2025-24034 | LOW | CVSS 3.2 | priority P4 | CWE-532 (Insertion of Sensitive Information into Log File)
Affected: >= 0.7.0, < 0.7.15; >= 0.8.0, < 0.8.3. Published 2025-01-23.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in debug logs. When debug logging is enabled, user access tokens are inadvertently logged, potentially exposing sensitive authentication data. Similarly, Kerbe […]
Source: NVD
CVE-2025-54781 | LOW | CVSS 2.8 | priority P4 | CWE-532 (Insertion of Sensitive Information into Log File)
Affected: >= 1.0.0, < 1.1.0. Published 2025-08-02.
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token can be used to detect the host's Intune compliance status, and may permit additional administrative o […]
Source: NVD
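Both CWE-532 entries above describe access tokens written to debug logs or the journal. The scanner below is an added example, not Himmelblau code, that runs over journal lines in the default `journalctl` short format, finds JWT-shaped tokens (Entra ID access tokens are JWTs, so they begin with the base64url of a JSON header, `eyJ`), reports the emitting unit and the token's audience and UPN claims without printing the token itself, and redacts the line. The journal lines, the unit names and the token are constructed; the token's signature segment is a placeholder and verifies nothing. Kerberos material is not JWT-shaped and is out of scope for this regex.

```python
import base64
import json
import re

# A JWT is three base64url segments joined by dots; the first encodes a JSON
# header, so every JWT begins with "eyJ".
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")
# systemd short-format journal line: "<date> <host> <unit>[<pid>]: <message>"
UNIT_RE = re.compile(r"\s(\S+?)\[\d+\]: ")


def _b64url(obj) -> str:
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))


# Constructed token: real layout, fake claims, placeholder signature.
FAKE_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT"}),
    _b64url({"aud": "https://graph.microsoft.com",
             "upn": "alice@contoso.example", "exp": 1700000000}),
    "c2lnbmF0dXJlLXBsYWNlaG9sZGVy",  # base64url("signature-placeholder")
])

# Constructed journal lines in the shape journalctl prints by default.
SAMPLE_JOURNAL = [
    "Jan 23 10:01:02 host himmelblaud[812]: DEBUG acquired access token: " + FAKE_TOKEN,
    "Jan 23 10:01:03 host himmelblaud_tasks[820]: DEBUG compliance check with token " + FAKE_TOKEN,
    "Jan 23 10:01:04 host himmelblaud[812]: INFO session opened for alice@contoso.example",
]


def find_token_leaks(lines) -> list:
    """One record per JWT found: line number, emitting unit, audience and UPN
    claims (decoded, not verified), and a short non-sensitive prefix."""
    hits = []
    for n, line in enumerate(lines, 1):
        unit = UNIT_RE.search(line)
        for m in JWT_RE.finditer(line):
            tok = m.group(0)
            try:
                claims = json.loads(_b64url_decode(tok.split(".")[1]))
            except (ValueError, UnicodeDecodeError):
                claims = {}  # JWT-shaped but not decodable; still a hit
            hits.append({
                "line": n,
                "unit": unit.group(1) if unit else None,
                "aud": claims.get("aud"),
                "upn": claims.get("upn"),
                "token_prefix": tok[:16],
            })
    return hits


def redact(line: str) -> str:
    """Replace any JWT in the line before the line is stored or forwarded."""
    return JWT_RE.sub("[REDACTED-JWT]", line)


if __name__ == "__main__":
    for hit in find_token_leaks(SAMPLE_JOURNAL):
        print(hit)
    print(redact(SAMPLE_JOURNAL[0]))
```

Feed it the output of `journalctl` (default short format) for the Himmelblau units after a debug-enabled session; any hit from a version in the affected ranges means the token should be treated as exposed until its `exp` passes, and the journal entries should be purged or redacted before export.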