Microsoft Microsoft Configuration Manager
6 CVEs affecting Microsoft Microsoft Configuration Manager. Latest disclosed: 2025-11-11. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-43468 | Critical | 9.8 | 2024-10-08 | Microsoft Configuration Manager Remote Code Execution Vulnerability |
CVE-2025-59213 | High | 8.8 | 2025-10-14 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elev… |
CVE-2025-47178 | High | 8.0 | 2025-07-08 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execut… |
CVE-2025-55320 | Medium | 6.8 | 2025-10-14 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevat… |
CVE-2025-47179 | Medium | 6.7 | 2025-11-11 | Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally. |
CVE-2025-59501 | Medium | 4.8 | 2025-10-31 | Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network. |