Scabrero

**Name of the Vulnerable Software and Affected Versions** Himmelblau versions 0.8.0 through 0.9.21 Himmelblau versions 1.0.0-beta through 1.1.0 **Description** Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0 store the cloud TGT (Ticket Granting Ticket) received during logon in the Kerberos credential cache. The created credential cache collection and received credentials are stored as world readable. This issue is fixed in versions 0.9.22 and 1.2.0. **Recommendations** Himmelblau versions 0.8.0 through 0.9.21: Remove all read access to Himmelblau caches for all users except for owners. Himmelblau versions 1.0.0-beta through 1.1.0: Remove all read access to Himmelblau caches for all users except for owners.