Product
high
advisory
Heimdall Host Matching Case-Sensitivity Vulnerability
2 rules 1 TTPHeimdall performs case-sensitive host matching, which can lead to policy bypass because HTTP hostnames are case-insensitive, potentially leading to unauthorized access, data modification, or privilege escalation if the request host is part of the rule.
heimdall
defense-evasion
policy-bypass
access-control
2r
1t
high
advisory
Heimdall Authorization Bypass via Path Normalization Mismatch
2 rules 2 TTPsHeimdall is vulnerable to an authorization bypass due to a path normalization mismatch between Heimdall and downstream components, potentially leading to unauthorized access and privilege escalation.
heimdall
authorization-bypass
path-normalization
cloud
2r
2t