CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Microsoft 3Configuration Manager 2403 Configuration Manager 2409Configuration Manager 2503Nov 17, 2025 Nov 11, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally. |
1Microsoft 3Configuration Manager 2403 Configuration Manager 2409Configuration Manager 2503Nov 5, 2025 Oct 31, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network. |
1Microsoft 3Configuration Manager 2403 Configuration Manager 2409Configuration Manager 2503Feb 13, 2026 Oct 14, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network. |
1Microsoft 3Configuration Manager 2403 Configuration Manager 2409Configuration Manager 2503Oct 17, 2025 Oct 14, 2025 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network. |
1Microsoft 1Configuration Manager 2503 Jul 23, 2025 Jul 8, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network. |
1Microsoft 4Configuration Manager Configuration Manager 2403Configuration Manager 2409+1 moreFeb 13, 2026 Oct 8, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Microsoft Configuration Manager Remote Code Execution Vulnerability |