CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-48746: Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical...

6.5 CVSS

Description

Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.

Classification

CVE ID: CVE-2025-48746

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 15.44% (scored less or equal to compared to others)

EPSS Date: 2025-06-17 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-48746
https://netwrix.com
https://community.netwrix.com/t/adv-2025-014-critical-vulnerabilities-in-netwrix-directory-manager-formerly-imanami-groupid-v11/13951

Timeline

2025-05-28 18:40:11 UTC
CVE

Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical...