本頁列出影響 netwrix directory_manager 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-54397 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users. | [email protected] | 4.3 | 0.17% | 2025-08-07 | 2025-08-11 |
| CVE-2025-54396 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this. | [email protected] | 5.4 | 0.14% | 2025-08-07 | 2025-08-11 |
| CVE-2025-54395 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. | [email protected] | 6.1 | 0.12% | 2025-08-07 | 2025-08-11 |
| CVE-2025-54394 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources. | [email protected] | 5.3 | 0.24% | 2025-08-07 | 2025-08-11 |
| CVE-2025-54393 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access. | [email protected] | 5.4 | 0.19% | 2025-08-07 | 2025-08-11 |
| CVE-2025-54392 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189. | [email protected] | 6.1 | 0.12% | 2025-08-07 | 2025-08-11 |
| CVE-2025-48748 | Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password. | [email protected] | 10.0 | 0.37% | 2025-05-29 | 2025-06-23 |
| CVE-2025-48749 | Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data. | [email protected] | 9.1 | 0.41% | 2025-05-28 | 2025-06-18 |
| CVE-2025-48747 | Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource. | [email protected] | 5.0 | 0.17% | 2025-05-28 | 2025-06-19 |
| CVE-2025-47748 | Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password. | [email protected] | 5.3 | 0.33% | 2025-05-28 | 2025-06-19 |
| CVE-2025-48746 | Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function. | [email protected] | 6.5 | 0.19% | 2025-05-28 | 2025-06-24 |