CVE Tools

netwrix

Enterprise Softwarecommercial

11

Cumulative CVEs

2

Monthly snapshots

#141

Peak rank

Top products

directory manager6

Latest CVEs

The 15 most recently published vulnerabilities affecting netwrix.

CVE-2025-54397Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.4.3Aug 7, 2025
CVE-2025-54396Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.5.4Aug 7, 2025
CVE-2025-54395Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.6.1Aug 7, 2025
CVE-2025-54394Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.5.3Aug 7, 2025
CVE-2025-54393Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.5.4Aug 7, 2025
CVE-2025-54392Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.6.1Aug 7, 2025
CVE-2025-48748Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password.10.0May 29, 2025
CVE-2025-48749Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03 inserts Sensitive Information into Sent Data.9.1May 28, 2025
CVE-2025-48747Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.5.0May 28, 2025
CVE-2025-48746Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.6.5May 28, 2025
CVE-2025-47748Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.5.3May 28, 2025
CVE-2025-26818Netwrix Password Secure through 9.2 allows command injection.9.8Apr 3, 2025
CVE-2025-26817Netwrix Password Secure 9.2.0.32454 allows OS command injection.9.8Apr 3, 2025
CVE-2023-41264Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. This only occurs if the c...9.8Nov 28, 2023
CVE-2022-31199Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The r...KEV9.8Nov 8, 2022