Netwrix

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-54397 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.
CVE-2025-54396 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.
CVE-2025-54395 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.
CVE-2025-54394 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.
CVE-2025-54393 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.
CVE-2025-54392 1Netwrix 1Directory Manager Aug 11, 2025 Aug 7, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.
CVE-2025-48748 1Netwrix 1Directory Manager Jun 23, 2025 May 29, 2025 N/A· v4 10.0 CRITICAL· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password.
CVE-2025-48749 1Netwrix 1Directory Manager Jun 18, 2025 May 28, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data.
CVE-2025-48747 1Netwrix 1Directory Manager Jun 19, 2025 May 28, 2025 N/A· v4 5.0 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.
CVE-2025-47748 1Netwrix 1Directory Manager Jun 19, 2025 May 28, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.
CVE-2025-48746 1Netwrix 1Directory Manager Jun 24, 2025 May 28, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.
CVE-2025-26818 1Netwrix 1Password Secure Apr 8, 2025 Apr 3, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Netwrix Password Secure through 9.2 allows command injection.
CVE-2025-26817 1Netwrix 1Password Secure May 28, 2025 Apr 3, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Netwrix Password Secure 9.2.0.32454 allows OS command injection.
CVE-2023-41264 1Netwrix 1Usercube Nov 21, 2024 Nov 28, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the...Show more Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints).Show less
CVE-2022-31199 1Netwrix 1Auditor Nov 3, 2025 Nov 8, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vu...Show more Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors.Show less
CVE-2020-15931 1Netwrix 1Account Lockout Examiner Nov 21, 2024 Oct 20, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state)...Show more Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed (ID 4771) event on a Domain Controller.Show less
CVE-2019-14969 1Netwrix 1Auditor Nov 21, 2024 Aug 12, 2019 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does n...Show more Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file will have the same permissions as the invoking process (in this case, granting Authenticated Users full access over the target file). This vulnerability can be triggered by a low-privileged user to perform DLL Hijacking/Binary Planting attacks and ultimately execute code as NT AUTHORITY\SYSTEM with the help of Symbolic Links.Show less