CVE Tools
Sign in

CVE-2017-11103

Published: Jul 13, 2017Updated: May 13, 2026 Sources: CVE List NVD BDUCWE-345
NVD MITRE
8.1CVSSHIGH
EPSS Score
5.1%
Top 8.7%
CISA KEV
Not in KEV
Exploits
No Known Exploits
Remediation
Patch Available

Description

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.

CVSS Vector Breakdown

AV:NAC:HPR:NUI:NS:UC:HI:HA:H
Exploitability
AV:NAttack Vector
Network
AC:HAttack Complexity
High
PR:NPrivileges Required
None
UI:NUser Interaction
None
Scope
S:UScope
Unchanged
Impact
C:HConfidentiality
High
I:HIntegrity
High
A:HAvailability
High
Open in CVSS calculator →

Weaknesses

CWE-345

Affected Products

n/an/a
heimdalheimdal project
On-prem
Security Products / endpoint-av-edr
freebsdfreebsd
On-premOS
Operating Systems / unix-bsd
sambasamba
LibraryLibrary
Operating Systems / unix-bsd
iphone osapple
EmbeddedOS
Operating Systems / mobile-os
heimdal projectcommercialSecurity Productsaka heimdal
freebsdoss-projectUSOperating Systems
sambaoss-projectDEOperating Systems
applecommercialUSMobile Appsaka apple inc., apple computer
and 7 more affected products View all →

Attack Graph

Products CVE Techniques Tactics

Click technique nodes to view MITRE ATT&CK details. Scroll to zoom, drag to pan.

Exploitability

Official Patch Available

MITRE ATT&CK

1 technique
Collection
View detailed technique mapping

References

https://support.apple.com/HT208221
support.apple.com
http://www.debian.org/security/2017/dsa-3912
debian.org
https://support.apple.com/HT208144
support.apple.com
and 20 more references View all →

Timeline

Published
Jul 13, 2017
Last Updated
May 13, 2026

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2017-11103 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows