CVE-2026-31957

{"id": "CVE-2026-31957", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}]}, "published": "2026-03-11T20:16:16.447", "references": [{"url": "https://github.com/himmelblau-idm/himmelblau/security/advisories/GHSA-q746-m2wv-qh4v", "tags": ["Mitigation", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-1188"}]}], "descriptions": [{"lang": "en", "value": "Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau is deployed without a configured tenant domain in himmelblau.conf, authentication is not tenant-scoped. In this mode, Himmelblau can accept authentication attempts for arbitrary Entra ID domains by dynamically registering providers at runtime. This behavior is intended for initial/local bootstrap scenarios, but it can create risk in remote authentication environments. This vulnerability is fixed in 3.1.0."}, {"lang": "es", "value": "Himmelblau es una suite de interoperabilidad para Microsoft Azure Entra ID e Intune. Desde 3.0.0 hasta antes de 3.1.0, si Himmelblau se despliega sin un dominio de inquilino configurado en himmelblau.conf, la autenticaci\u00f3n no est\u00e1 limitada al inquilino. En este modo, Himmelblau puede aceptar intentos de autenticaci\u00f3n para dominios arbitrarios de Entra ID mediante el registro din\u00e1mico de proveedores en tiempo de ejecuci\u00f3n. Este comportamiento est\u00e1 previsto para escenarios de arranque inicial/local, pero puede crear riesgo en entornos de autenticaci\u00f3n remota. Esta vulnerabilidad se corrige en 3.1.0."}], "lastModified": "2026-03-16T19:39:37.913", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:himmelblau-idm:himmelblau:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03DC7586-C1E4-47BF-A6D8-90F50C540210", "versionEndExcluding": "3.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}