CVE-2025-48749

Critical CVSS: 9.1

Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data.

Vendor

Product

CWE

Yayın Tarihi

2025-05-28 18:15:27

Güncelleme

2025-06-18 23:59:44

Source Identifier

cve@mitre.org

KEV Date Added

CWE-201 Directory Manager CRITICAL Netwrix 2025

https://community.netwrix.com/t/adv-2025-014-critical-vulnerabilities-in-netwrix-directory-manager-formerly-imanami-groupid-v11/13951 https://netwrix.com

Medium

CVE-2025-54397

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Se…

Medium

CVE-2025-54392

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error d…

Medium

CVE-2025-54393

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authent…

Medium

CVE-2025-54394

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credenti…

Medium

CVE-2025-54395

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configu…

Medium

CVE-2025-54396

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated u…