Insufficiently Protected Credentials in Netwrix Directory Manager
CVE-2025-54394

5.3MEDIUM

Key Information:

Vendor: Netwrix
Status: Netwrix Directory Manager
Vendor: CVE Published:; 7 August 2025

What is CVE-2025-54394?

Netwrix Directory Manager, formerly known as Imanami GroupID, versions before 11.1.25162.02 exhibit insufficient protection of credentials when accessing remote Excel resources. This vulnerability could potentially allow unauthorized access to sensitive data if exploited, stressing the importance of timely updates and robust security measures.

References

https://community.netwrix.com/t/adv-2025-015-critical-vul...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 7, 2025
Vulnerability Reserved
Jul 21, 2025

JSON