cbcvebase.

Netwrix Directory Manager vulnerabilities

11 known vulnerabilities affecting netwrix/directory_manager.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM9

Vulnerabilities

Page 1 of 1
CVE-2025-48748P2CRITICALCVSS 10.0≤ 10.0.7784.02025-05-29
CVE-2025-48748 [CRITICAL] CWE-798 CVE-2025-48748: Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password.
nvd
CVE-2025-48749P3CRITICALCVSS 9.1≥ 11.0.0.0, < 11.1.25134.032025-05-28
CVE-2025-48749 [CRITICAL] CWE-201 CVE-2025-48749: Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 in Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data.
nvd
CVE-2025-48746P3MEDIUMCVSS 6.5≤ 11.0.0.0≥ 11.1.25134.032025-05-28
CVE-2025-48746 [MEDIUM] CWE-287 CVE-2025-48746: Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1. Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.
nvd
CVE-2025-54396P4MEDIUMCVSS 5.4≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54396 [MEDIUM] CWE-89 CVE-2025-54396: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Inject Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.
nvd
CVE-2025-54393P4MEDIUMCVSS 5.4≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54393 [MEDIUM] CWE-77 CVE-2025-54393: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Cod Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.
nvd
CVE-2025-54394P4MEDIUMCVSS 5.3≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54394 [MEDIUM] CWE-522 CVE-2025-54394: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficientl Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.
nvd
CVE-2025-54392P4MEDIUMCVSS 6.1≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54392 [MEDIUM] CVE-2025-54392: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for au Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.
nvd
CVE-2025-54395P4MEDIUMCVSS 6.1≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54395 [MEDIUM] CWE-79 CVE-2025-54395: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for au Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.
nvd
CVE-2025-47748P4MEDIUMCVSS 5.3≥ 11.0.0.0, < 11.1.25134.032025-05-28
CVE-2025-47748 [MEDIUM] CWE-259 CVE-2025-47748: Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded passwor Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.
nvd
CVE-2025-48747P4MEDIUMCVSS 5.0≥ 11.0.0.0, < 11.1.25134.032025-05-28
CVE-2025-48747 [MEDIUM] CWE-732 CVE-2025-48747: Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11. Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.
nvd
CVE-2025-54397P4MEDIUMCVSS 4.3≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54397 [MEDIUM] CWE-284 CVE-2025-54397: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.
nvd
Netwrix Directory Manager vulnerabilities | cvebase