Vendor CVEs
Netwrix
All CVEs
22 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-31199 | Cri | 0.85 | 9.8 | 0.36 | KEV | Nov 8, 2022 | Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by… | |
| CVE-2025-48748 | Cri | 0.65 | 10.0 | 0.00 | May 29, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password. | ||
| CVE-2025-26818 | Cri | 0.64 | 9.8 | 0.01 | Apr 3, 2025 | Netwrix Password Secure through 9.2 allows command injection. | ||
| CVE-2025-26817 | Cri | 0.64 | 9.8 | 0.02 | Apr 3, 2025 | Netwrix Password Secure 9.2.0.32454 allows OS command injection. | ||
| CVE-2024-36072 | Cri | 0.64 | 9.8 | 0.01 | Jun 27, 2024 | Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious… | ||
| CVE-2023-41264 | Cri | 0.64 | 9.8 | 0.01 | Nov 28, 2023 | Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and… | ||
| CVE-2025-48749 | Cri | 0.59 | 9.1 | 0.00 | May 28, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data. | ||
| CVE-2019-14969 | Hig | 0.51 | 7.8 | 0.00 | Aug 12, 2019 | Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file… | ||
| CVE-2020-15931 | Hig | 0.49 | 7.5 | 0.04 | Oct 20, 2020 | Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed… | ||
| CVE-2024-36074 | Hig | 0.47 | 7.2 | 0.01 | Jun 27, 2024 | Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to… | ||
| CVE-2024-36073 | Hig | 0.47 | 7.2 | 0.01 | Jun 27, 2024 | Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the shadowing component of the Endpoint Protector and Unify agent which allows an attacker with administrative access to the Endpoint Protector or… | ||
| CVE-2025-48746 | Med | 0.42 | 6.5 | 0.00 | May 28, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function. | ||
| CVE-2024-36075 | Med | 0.42 | 6.5 | 0.01 | Jun 27, 2024 | The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through 7.0.6 is susceptible to an arbitrary code execution vulnerability due to the way an archive obtained from the Endpoint Protector or Unify server is extracted on the endpoint. An attacker who is able to modify… | ||
| CVE-2025-54395 | Med | 0.40 | 6.1 | 0.00 | Aug 7, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. | ||
| CVE-2025-54392 | Med | 0.40 | 6.1 | 0.00 | Aug 7, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189. | ||
| CVE-2025-47189 | Med | 0.40 | 6.1 | 0.00 | Jul 17, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data of certain user flows, a different vulnerability than CVE-2025-54392. | ||
| CVE-2025-54396 | Med | 0.35 | 5.4 | 0.00 | Aug 7, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this. | ||
| CVE-2025-54393 | Med | 0.35 | 5.4 | 0.00 | Aug 7, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access. | ||
| CVE-2025-54394 | Med | 0.34 | 5.3 | 0.00 | Aug 7, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources. | ||
| CVE-2025-47748 | Med | 0.34 | 5.3 | 0.00 | May 28, 2025 | Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password. | ||
| CVE-2025-48747 | Med | 0.33 | 5.0 | 0.00 | May 28, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource. | ||
| CVE-2025-54397 | Med | 0.28 | 4.3 | 0.00 | Aug 7, 2025 | Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users. |
- risk 0.85cvss 9.8epss 0.36
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by…
- risk 0.65cvss 10.0epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password.
- risk 0.64cvss 9.8epss 0.01
Netwrix Password Secure through 9.2 allows command injection.
- risk 0.64cvss 9.8epss 0.02
Netwrix Password Secure 9.2.0.32454 allows OS command injection.
- risk 0.64cvss 9.8epss 0.01
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious…
- risk 0.64cvss 9.8epss 0.01
Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the configuration omits the required restSettings.AuthorizedClientId and…
- risk 0.59cvss 9.1epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data.
- risk 0.51cvss 7.8epss 0.00
Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. In addition, the service Netwrix.ADA.StorageAuditService (which writes to that directory) does not perform proper impersonation, and thus the target file…
- risk 0.49cvss 7.5epss 0.04
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed…
- risk 0.47cvss 7.2epss 0.01
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to…
- risk 0.47cvss 7.2epss 0.01
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the shadowing component of the Endpoint Protector and Unify agent which allows an attacker with administrative access to the Endpoint Protector or…
- risk 0.42cvss 6.5epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.
- risk 0.42cvss 6.5epss 0.01
The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through 7.0.6 is susceptible to an arbitrary code execution vulnerability due to the way an archive obtained from the Endpoint Protector or Unify server is extracted on the endpoint. An attacker who is able to modify…
- risk 0.40cvss 6.1epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.
- risk 0.40cvss 6.1epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.
- risk 0.40cvss 6.1epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data of certain user flows, a different vulnerability than CVE-2025-54392.
- risk 0.35cvss 5.4epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.
- risk 0.35cvss 5.4epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.
- risk 0.34cvss 5.3epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.
- risk 0.34cvss 5.3epss 0.00
Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.
- risk 0.33cvss 5.0epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.
- risk 0.28cvss 4.3epss 0.00
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.