Netwrix Directory Manager vulnerabilities
11 known vulnerabilities affecting netwrix/directory_manager.
Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM9
Vulnerabilities
Page 1 of 1
CVE-2025-48748P2CRITICALCVSS 10.0≤ 10.0.7784.02025-05-29
CVE-2025-48748 [CRITICAL] CWE-798 CVE-2025-48748: Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password
Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password.
nvd
CVE-2025-48749P3CRITICALCVSS 9.1≥ 11.0.0.0, < 11.1.25134.032025-05-28
CVE-2025-48749 [CRITICAL] CWE-201 CVE-2025-48749: Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 in
Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data.
nvd
CVE-2025-48746P3MEDIUMCVSS 6.5≤ 11.0.0.0≥ 11.1.25134.032025-05-28
CVE-2025-48746 [MEDIUM] CWE-287 CVE-2025-48746: Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.
Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.
nvd
CVE-2025-54396P4MEDIUMCVSS 5.4≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54396 [MEDIUM] CWE-89 CVE-2025-54396: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Inject
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.
nvd
CVE-2025-54393P4MEDIUMCVSS 5.4≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54393 [MEDIUM] CWE-77 CVE-2025-54393: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Cod
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.
nvd
CVE-2025-54394P4MEDIUMCVSS 5.3≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54394 [MEDIUM] CWE-522 CVE-2025-54394: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficientl
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.
nvd
CVE-2025-54392P4MEDIUMCVSS 6.1≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54392 [MEDIUM] CVE-2025-54392: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for au
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.
nvd
CVE-2025-54395P4MEDIUMCVSS 6.1≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54395 [MEDIUM] CWE-79 CVE-2025-54395: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for au
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.
nvd
CVE-2025-47748P4MEDIUMCVSS 5.3≥ 11.0.0.0, < 11.1.25134.032025-05-28
CVE-2025-47748 [MEDIUM] CWE-259 CVE-2025-47748: Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded passwor
Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.
nvd
CVE-2025-48747P4MEDIUMCVSS 5.0≥ 11.0.0.0, < 11.1.25134.032025-05-28
CVE-2025-48747 [MEDIUM] CWE-732 CVE-2025-48747: Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.
Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.
nvd
CVE-2025-54397P4MEDIUMCVSS 4.3≥ 11.0.0.0, < 11.1.25162.022025-08-07
CVE-2025-54397 [MEDIUM] CWE-284 CVE-2025-54397: Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.
nvd