CVE-2025-48747

Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.1 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://community.netwrix.com/t/adv-2025-014-critical-vulnerabilities-in-netwrix-directory-manager-formerly-imanami-groupid-v11/13951	Vendor Advisory
https://netwrix.com	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:netwrix:directory_manager:*:*:*:*:*:*:*:*

History

19 Jun 2025, 00:01

Type	Values Removed	Values Added
First Time		Netwrix directory Manager Netwrix
CPE		cpe:2.3:a:netwrix:directory_manager::::::::
Summary		(es) Netwrix Directory Manager (anteriormente Imanami GroupID) anterior a v.11.0.0.0 incluida y posterior a v.11.1.25134.03 tiene una asignación de permisos incorrecta para un recurso crítico.
References	~~() https://community.netwrix.com/t/adv-2025-014-critical-vulnerabilities-in-netwrix-directory-manager-formerly-imanami-groupid-v11/13951 -~~	() https://community.netwrix.com/t/adv-2025-014-critical-vulnerabilities-in-netwrix-directory-manager-formerly-imanami-groupid-v11/13951 - Vendor Advisory
References	~~() https://netwrix.com -~~	() https://netwrix.com - Product

28 May 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-28 18:15

Updated : 2025-06-19 00:01

NVD link : CVE-2025-48747

Mitre link : CVE-2025-48747

CVE.ORG link : CVE-2025-48747

JSON object : View

Products Affected

netwrix

directory_manager

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource

5.0 /10