VYPR

Netwrix Directory Manager

by Netwrix

CVEs (12)

  • CVE-2025-48748CriMay 29, 2025
    risk 0.65cvss 10.0epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password.

  • CVE-2025-48749CriMay 28, 2025
    risk 0.59cvss 9.1epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data.

  • CVE-2025-48746MedMay 28, 2025
    risk 0.42cvss 6.5epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.

  • CVE-2025-54395MedAug 7, 2025
    risk 0.40cvss 6.1epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.

  • CVE-2025-54392MedAug 7, 2025
    risk 0.40cvss 6.1epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.

  • CVE-2025-47189MedJul 17, 2025
    risk 0.40cvss 6.1epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data of certain user flows, a different vulnerability than CVE-2025-54392.

  • CVE-2025-54396MedAug 7, 2025
    risk 0.35cvss 5.4epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.

  • CVE-2025-54393MedAug 7, 2025
    risk 0.35cvss 5.4epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.

  • CVE-2025-54394MedAug 7, 2025
    risk 0.34cvss 5.3epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.

  • CVE-2025-47748MedMay 28, 2025
    risk 0.34cvss 5.3epss 0.00

    Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.

  • CVE-2025-48747MedMay 28, 2025
    risk 0.33cvss 5.0epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.

  • CVE-2025-54397MedAug 7, 2025
    risk 0.28cvss 4.3epss 0.00

    Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.