Netwrix Directory_manager
11 CVEs affecting Netwrix Directory_manager. Latest disclosed: 2025-08-07. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-48748 | Critical | 10.0 | 2025-05-29 | Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password. |
CVE-2025-48749 | Critical | 9.1 | 2025-05-28 | Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data. |
CVE-2025-48746 | Medium | 6.5 | 2025-05-28 | Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function. |
CVE-2025-54395 | Medium | 6.1 | 2025-08-07 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. |
CVE-2025-54392 | Medium | 6.1 | 2025-08-07 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE… |
CVE-2025-54396 | Medium | 5.4 | 2025-08-07 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this. |
CVE-2025-54393 | Medium | 5.4 | 2025-08-07 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative… |
CVE-2025-54394 | Medium | 5.3 | 2025-08-07 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resour… |
CVE-2025-47748 | Medium | 5.3 | 2025-05-28 | Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password. |
CVE-2025-48747 | Medium | 5.0 | 2025-05-28 | Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critic… |
CVE-2025-54397 | Medium | 4.3 | 2025-08-07 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users. |