CVE-2025-54396

Medium CVSS: 5.4

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.

Vendor

Product

CWE

Yayın Tarihi

2025-08-07 17:15:29

Güncelleme

2025-08-11 14:46:55

Source Identifier

cve@mitre.org

KEV Date Added

CWE-89 Directory Manager MEDIUM Netwrix 2025

Medium

CVE-2025-54397

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Se…

Medium

CVE-2025-54392

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error d…

Medium

CVE-2025-54393

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authent…

Medium

CVE-2025-54394

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credenti…

Medium

CVE-2025-54395

Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configu…

Critical

CVE-2025-48748

Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password.