netwrix 漏洞与 CVE 列表(17)

产品(CPE): — CVE 数: 17

netwrix 漏洞概览

汇总 netwrix 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。

历史漏洞主要涉及 跨站脚本与SQL 注入 等问题,部分漏洞可能导致 会话劫持,并影响 软件部署与生产负载 相关场景。

相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。

漏洞分布趋势(近 24 个月)

显示 11717 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2025-54397 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users. [email protected] 4.3 0.17% 2025-08-07 2026-06-17
CVE-2025-54396 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this. [email protected] 5.4 0.22% 2025-08-07 2026-06-17
CVE-2025-54395 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. [email protected] 6.1 0.24% 2025-08-07 2026-06-17
CVE-2025-54394 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources. [email protected] 5.3 0.27% 2025-08-07 2026-06-17
CVE-2025-54393 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access. [email protected] 5.4 0.19% 2025-08-07 2026-06-17
CVE-2025-54392 Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189. [email protected] 6.1 0.32% 2025-08-07 2026-06-17
CVE-2025-48748 Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password. [email protected] 10.0 0.34% 2025-05-29 2026-06-17
CVE-2025-48749 Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data. [email protected] 9.1 0.41% 2025-05-28 2026-06-17
CVE-2025-48747 Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource. [email protected] 5.0 0.17% 2025-05-28 2026-06-17
CVE-2025-47748 Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password. [email protected] 5.3 0.33% 2025-05-28 2026-06-17
CVE-2025-48746 Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function. [email protected] 6.5 0.19% 2025-05-28 2026-06-17
CVE-2025-26818 Netwrix Password Secure through 9.2 allows command injection. [email protected] 9.8 1.10% 2025-04-03 2026-06-17
CVE-2025-26817 Netwrix Password Secure 9.2.0.32454 allows OS command injection. [email protected] 9.8 1.51% 2025-04-03 2026-06-17
CVE-2023-41264 Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields (for the POST /api/Deployment/ExportConfiguration and POST /api/Deployment endpoints). [email protected] 9.8 1.04% 2023-11-28 2026-06-17
CVE-2022-31199 KEV Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and potentially allow an unauthenticated remote attacker to execute arbitrary code as the NT AUTHORITY\SYSTEM user on affected systems, including on systems Netwrix Auditor monitors. [email protected] 9.8 36.15% 2022-11-07 2026-06-17
CVE-2020-15931 Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed (ID 4771) event on a Domain Controller. [email protected] 7.5 3.73% 2020-10-20 2026-06-16
CVE-2019-14969 Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file will have the same permissions as the invoking process (in this case, granting Authenticated Users full access over the target file). This vulnerability can be triggered by a low-privileged user to perform DLL Hijacking/Bi [email protected] 7.8 0.47% 2019-08-12 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence