Directory Manager

directory_manager

Vendor: Netwrix • 11 CVEs

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-54397 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.
CVE-2025-54396 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.
CVE-2025-54395 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.
CVE-2025-54394 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.
CVE-2025-54393 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.
CVE-2025-54392 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.
CVE-2025-48748 1Netwrix 1Directory Manager Jun 23, 2025 May 29, 2025 N/A· v4 10.0 CRITICAL· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password.
CVE-2025-48749 1Netwrix 1Directory Manager Jun 18, 2025 May 28, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data.
CVE-2025-48747 1Netwrix 1Directory Manager Jun 19, 2025 May 28, 2025 N/A· v4 5.0 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.
CVE-2025-47748 1Netwrix 1Directory Manager Jun 19, 2025 May 28, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.
CVE-2025-48746 1Netwrix 1Directory Manager Jun 24, 2025 May 28, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.