Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-59501 | 1 Microsoft | 3 Configuration Manager 2403, Configuration Manager 2409, Configuration Manager 2503 | 2025-11-05 | N/A | 4.8 MEDIUM |
| Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network. | |||||
| CVE-2025-55320 | 1 Microsoft | 3 Configuration Manager 2403, Configuration Manager 2409, Configuration Manager 2503 | 2025-10-17 | N/A | 6.8 MEDIUM |
| Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network. | |||||
| CVE-2025-59213 | 1 Microsoft | 3 Configuration Manager 2403, Configuration Manager 2409, Configuration Manager 2503 | 2025-10-17 | N/A | 8.4 HIGH |
| Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-47178 | 1 Microsoft | 1 Configuration Manager 2503 | 2025-07-23 | N/A | 8.0 HIGH |
| Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network. | |||||