11 matches found
CVE-2025-47748
Netwrix Directory Manager vulnerable versions: 11.0.0.0 and earlier, and 11.1.25134.03 and later, contain a hardcoded password. This is a configuration/credential risk that could lead to credential exposure via a hardcoded secret. Remediation exists in linked advisories: update to a version where...
CVE-2025-48748
Netwrix Directory Manager (formerly Imanami GroupID) versions through 10.0.7784.0 contain a hard-coded password vulnerability. The CVE entry CVE-2025-48748 is rated CRITICAL (CVSS v3.1: 10.0) with network access, no authentication, and high impact to confidentiality, integrity, and availability. ...
CVE-2025-48746
Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and earlier, and post-v11.1.25134.03, lack authentication for a critical function. Root cause beyond “lack of authentication” is not detailed in the provided sources. CVSSv3.1 base score 6.5 (NETWORK, LOW confidentiality/integrity imp...
CVE-2025-48749
Netwrix Directory Manager (formerly Imanami GroupID) is affected by CVE-2025-48749. The issue concerns the insertion of sensitive information into sent data. Affected software: Netwrix Directory Manager versions prior to 11.1.25134.03 (per multiple sources); remediation guidance from PT-Security ...
CVE-2025-48747
CVE-2025-48747 affects Netwrix Directory Manager (formerly Imanami GroupID). Versions prior to 11.1.25134.03 or after 11.0.0.0 are impacted by Incorrect Permission Assignment for a Critical Resource. The issue is documented across multiple feeds (NVD/Red Hat/CVE list). Remediation: upgrade to ver...
CVE-2025-54393
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 through 11.1.25162.02 is affected by a static code injection vulnerability that authenticated users can exploit to obtain administrative access. The issue is documented under CVE-2025-54393. Remediation: upgrade to version 11.1.25162.0...
CVE-2025-54395
Summary: CVE-2025-54395 affects Netwrix Directory Manager (formerly Imanami GroupID) versions 11.0.0.0 up to 11.1.25162.02. The issue is a cross-site scripting (XSS) vulnerability in authentication configuration data. What’s affected: Netwrix Directory Manager software; vulnerable component is th...
CVE-2025-54397
CVE-2025-54397 affects Netwrix Directory Manager (formerly Imanami GroupID) versions 11.0.0.0 through 11.1.25161.02. The issue: sensitive information is inserted into data sent to authenticated users, exposing data during transit. The CVSS v3.1 base score is 4.3 (Medium) with network attack vecto...
CVE-2025-54392
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 is affected by CVE-2025-54392, a cross-site scripting (XSS) vulnerability in authentication error data. The issue affects the authentication error handling pathway and is documented as a distinct vulnerability from...
CVE-2025-54394
Netwrix Directory Manager (formerly Imanami GroupID)
CVE-2025-54396
The CVE-2025-54396 entry affects Netwrix Directory Manager (formerly Imanami GroupID) versions 11.0.0.0 through 11.1.25162.02. The vulnerability is SQL injection that can be exploited by authenticated users. Root cause and impact are described as SQL injection with low to moderate impact (per CVS...