VYPR

Configuration Manager

by Microsoft

CVEs (6)

  • CVE-2024-43468CriKEVOct 8, 2024
    risk 0.81cvss 9.8epss 0.61

    Microsoft Configuration Manager Remote Code Execution Vulnerability

  • CVE-2025-59213HigOct 14, 2025
    risk 0.57cvss 8.8epss 0.00

    Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network.

  • CVE-2025-47178HigJul 8, 2025
    risk 0.52cvss 8.0epss 0.02

    Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.

  • CVE-2025-47179MedNov 11, 2025
    risk 0.44cvss 6.7epss 0.00

    Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.

  • CVE-2025-55320MedOct 14, 2025
    risk 0.44cvss 6.8epss 0.01

    Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network.

  • CVE-2025-59501MedOct 31, 2025
    risk 0.31cvss 4.8epss 0.03

    Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.