Configuration Manager 2403

configuration_manager_2403

Vendor: Microsoft • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-47179 1Microsoft 3Configuration Manager 2403 Configuration Manager 2409Configuration Manager 2503 Nov 17, 2025 Nov 11, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-59501 1Microsoft 3Configuration Manager 2403 Configuration Manager 2409Configuration Manager 2503 Nov 5, 2025 Oct 31, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.
CVE-2025-59213 1Microsoft 3Configuration Manager 2403 Configuration Manager 2409Configuration Manager 2503 Feb 13, 2026 Oct 14, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network.
CVE-2025-55320 1Microsoft 3Configuration Manager 2403 Configuration Manager 2409Configuration Manager 2503 Oct 17, 2025 Oct 14, 2025 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2024-43468 1Microsoft 4Configuration Manager Configuration Manager 2403Configuration Manager 2409+1 more Feb 13, 2026 Oct 8, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Microsoft Configuration Manager Remote Code Execution Vulnerability