Critical Authentication Flaw in Netwrix Directory Manager by Netwrix
CVE-2025-48746

6.5MEDIUM

Key Information:

Vendor: Netwrix
Status: Netwrix Directory Manager
Vendor: CVE Published:; 28 May 2025

What is CVE-2025-48746?

The Netwrix Directory Manager, previously known as Imanami GroupID, has a significant security vulnerability that affects its authentication processes. Versions 11.0.0.0 and earlier, as well as 11.1.25134.03 and prior, fail to implement proper authentication methods for critical functions, potentially allowing unauthorized access to sensitive data and operations within the application. Organizations using these versions should assess their exposure and take immediate action to mitigate potential risks.

References

https://netwrix.com

https://community.netwrix.com/t/adv-2025-014-critical-vul...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2025
Vulnerability Reserved
May 23, 2025