Verve Asset Manager

CVEs (3)

• CVE-2025-14377HigJan 20, 2026
  Verve Asset Manager

  Verve Asset Manager
  risk 0.57cvss —epss 0.00

  A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024.

• CVE-2025-11862HigNov 11, 2025
  Verve Asset Manager

  Verve Asset Manager
  risk 0.55cvss —epss 0.00

  A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.

• CVE-2025-1449HigMar 31, 2025
  Verve Asset Manager

  Verve Asset Manager
  risk 0.49cvss —epss 0.01

  A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory (ADI) capability (deprecated since the 1.36 release) allows users to change…