Description

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0, Himmelblau stores the cloud TGT received during logon in the Kerberos credential cache. The created credential cache collection and received credentials are stored as world readable. This is fixed in versions 0.9.22 and 1.2.0. To work around this issue, remove all read access to Himmelblau caches for all users except for owners.

INFO

Published Date :

2025-08-07T00:02:09.263Z

Last Modified :

2025-08-07T14:32:00.582Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-54882 vulnerability.

Vendors Products
Himmelblau-idm
  • Himmelblau
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-54882.

URL Resource
https://github.com/himmelblau-idm/himmelblau/commit/b562053df3dffb1dd9ab3d09af986886773be2ad cve-icon cve-icon
https://github.com/himmelblau-idm/himmelblau/commit/faae58b0384aca8b21b4be5f1c507412eec3778a cve-icon cve-icon
https://github.com/himmelblau-idm/himmelblau/releases/tag/0.9.22 cve-icon cve-icon
https://github.com/himmelblau-idm/himmelblau/releases/tag/1.2.0 cve-icon cve-icon
https://github.com/himmelblau-idm/himmelblau/security/advisories/GHSA-phfx-rjfw-wj83 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact