CVE-2017-6594 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-6594 Interim 1 9 2025-04-22T23:44:28Z current 2021-05-30T13:53:45Z 2025-04-22T23:44:28Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-6594 The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed libheimdal-7.7.0-1.11 libheimdal-devel-7.7.0-1.11 libheimdal-7.7.0-1.11 as a component of openSUSE Tumbleweed libheimdal-devel-7.7.0-1.11 as a component of openSUSE Tumbleweed The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets. CVE-2017-6594 openSUSE Tumbleweed:libheimdal-7.7.0-1.11 openSUSE Tumbleweed:libheimdal-devel-7.7.0-1.11 important 5 AV:N/AC:L/Au:N/C:N/I:P/A:N 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N