737 matches found
CVE-2025-47179
Summary : CVE-2025-47179 is an elevation-of-privilege vulnerability in Microsoft Configuration Manager (aka Microsoft Endpoint/Configuration Manager). The issue arises from improper access control, enabling an authorized attacker to elevate privileges locally. The provided documents indicate a lo...
CVE-2025-47179 Configuration Manager Elevation of Privilege Vulnerability
...
Configuration Manager Elevation of Privilege Vulnerability
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally...
PT-2025-46451
Name of the Vulnerable Software and Affected Versions Microsoft Configuration Manager affected versions not specified Description An improper access control issue exists in Microsoft Configuration Manager. This allows an authorized attacker to elevate privileges locally. Recommendations At the...
KLA90061 PE vulnerability in Microsoft System Center
An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-47179 Related products Microsoft-Configuration-Manager CVE list CVE-2025-47179 high Solution Install necessary updates from...
Microsoft Configuration Manager 访问控制错误漏洞
Microsoft Configuration Manager is a Microsoft solution for managing computers and servers within an organization that helps IT departments keep software up-to-date, set configuration and security policies, and monitor system status. An elevation of privilege vulnerability exists in Microsoft...
CVE-2025-59501
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network...
CVE-2012-10063
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...
CVE-2025-59501
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network...
CVE-2025-59501
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network...
CVE-2025-59501 Microsoft Configuration Manager Spoofing Vulnerability
...
CVE-2025-59501 Microsoft Configuration Manager Spoofing Vulnerability
...
EUVD-2025-37382
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network...
CVE-2025-59501
CVE-2025-59501 is a confirmed spoofing/authentication-bypass vulnerability in Microsoft Configuration Manager (aka Configuration Manager/Endpoint Configuration Manager). Descriptions across Red Hat, NVD, and Microsoft-related sources indicate an attacker with adjacent access could spoof identity ...
EUVD-2020-30814
The Core Config Manager CCM in Nagios XI versions prior to CCM 3.0.7 / Nagios XI 5.7.4 contains multiple SQL injection vulnerabilities in the object edit pages. Unsanitized user-supplied input was incorporated into SQL queries used by configuration object editors, allowing authenticated users to...
EUVD-2012-6609
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...
CVE-2012-10063
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...
CVE-2012-10063 Nagios XI < 2012R1.3 Authenticated SQL Injection in Legacy CCM
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...
CVE-2012-10063
Nagios XI versions prior to 2012R1.3 contain an authenticated SQL injection vulnerability in the legacy Core Configuration Manager (CCM) interface. Exploitation requires crafted input to specific CCM parameters and can disclose or modify configuration data stored in the application database, with...
CVE-2012-10063 Nagios XI < 2012R1.3 Authenticated SQL Injection in Legacy CCM
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...