
3 vulnerabilities

CVE-2025-6942 (GCVE-0-2025-6942)

Vulnerability from cvelistv5 – Published: 2025-07-02 15:49 – Updated: 2025-07-02 19:46
Summary
The distributed engine (versions 8.4.39.0 and earlier) of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event, allowing an attacker to impersonate another distributed engine.
CWE
  • CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
Impacted products
Vendor Product Version
Delinea Secret Server Affected: 0 , ≤ 11.7.49 (Secret Server)
Affected: 0 , ≤ 8.4.39.0 (Distributed Engine)
Credits
NCIA researchers

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6942",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-02T15:58:09.266658Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-02T15:58:13.977Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "modules": [
            "Distributed Engine"
          ],
          "product": "Secret Server",
          "vendor": "Delinea",
          "versions": [
            {
              "lessThanOrEqual": "11.7.49",
              "status": "affected",
              "version": "0",
              "versionType": "Secret Server"
            },
            {
              "lessThanOrEqual": "8.4.39.0",
              "status": "affected",
              "version": "0",
              "versionType": "Distributed Engine"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "NCIA researchers"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine."
            }
          ],
          "value": "The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-22",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-22 Exploiting Trust in Client"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-639",
              "description": "CWE-639 Authorization Bypass Through User-Controlled Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-02T19:46:25.837Z",
        "orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
        "shortName": "Delinea"
      },
      "references": [
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm"
        },
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm"
        },
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://trust.delinea.com/?tcuUid=2b68edca-7930-438d-b960-2d6da07cdde9"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
    "assignerShortName": "Delinea",
    "cveId": "CVE-2025-6942",
    "datePublished": "2025-07-02T15:49:16.894Z",
    "dateReserved": "2025-06-30T22:28:26.930Z",
    "dateUpdated": "2025-07-02T19:46:25.837Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6943 (GCVE-0-2025-6943)

Vulnerability from cvelistv5 – Published: 2025-07-02 15:45 – Updated: 2025-07-02 15:59
Summary
Secret Server version 11.7 and earlier contains a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
Delinea Secret Server Affected: 0 , ≤ 11.7 (custom)
Credits
NCIA researchers

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6943",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-02T15:59:37.052875Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-02T15:59:43.816Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Secret Server",
          "vendor": "Delinea",
          "versions": [
            {
              "lessThanOrEqual": "11.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "NCIA researchers"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSecret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-122",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-122 Privilege Abuse"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-02T15:45:01.702Z",
        "orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
        "shortName": "Delinea"
      },
      "references": [
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm"
        },
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm"
        },
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://trust.delinea.com"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
    "assignerShortName": "Delinea",
    "cveId": "CVE-2025-6943",
    "datePublished": "2025-07-02T15:45:01.702Z",
    "dateReserved": "2025-06-30T22:28:29.744Z",
    "dateUpdated": "2025-07-02T15:59:43.816Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12908 (GCVE-0-2024-12908)

Vulnerability from cvelistv5 – Published: 2024-12-26 15:45 – Updated: 2024-12-27 14:22
Summary
Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26) where, within the protocol handler function, URIs were compared before normalization and canonicalization, potentially leading to over-matching against the approved list. If this attack were successfully exploited, a remote attacker may be able to convince a user to visit a malicious web page, or open a malicious document which could trigger the vulnerable handler, allowing them to execute arbitrary code on the user's machine. Delinea added additional validation that the downloaded installer's batch file was in the expected format.
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
Impacted products
Vendor Product Version
Delinea Secret Server Affected: 11.7.31
Credits
David Cash and Richard Warren of Amber Wolf

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12908",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-27T14:22:42.484455Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-27T14:22:58.318Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Protocol Handler"
          ],
          "product": "Secret Server",
          "vendor": "Delinea",
          "versions": [
            {
              "status": "affected",
              "version": "11.7.31"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "David Cash and Richard Warren of Amber Wolf"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Delinea a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eddressed a reported case on Secret Server v11.7.31 (protocol handler version\u003c/span\u003e\u0026nbsp;6.0.3.26)\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;where, within the protocol handler function, URI\u0027s were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a\u0026nbsp;\u003c/span\u003eremote attacker may be able to convince a user to visit a malicious web-page, or open a\nmalicious document which could trigger the vulnerable handler, allowing them to execute\narbitrary code on the user\u0027s machine.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDelinea a\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edded additional validation that the downloaded installer\u0027s batch file was in the expected format.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version\u00a06.0.3.26)\u00a0where, within the protocol handler function, URI\u0027s were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a\u00a0remote attacker may be able to convince a user to visit a malicious web-page, or open a\nmalicious document which could trigger the vulnerable handler, allowing them to execute\narbitrary code on the user\u0027s machine.\u00a0Delinea added additional validation that the downloaded installer\u0027s batch file was in the expected format."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-242",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-242 Code Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-26T15:45:39.592Z",
        "orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
        "shortName": "Delinea"
      },
      "references": [
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000049.htm"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://trust.delinea.com/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
    "assignerShortName": "Delinea",
    "cveId": "CVE-2024-12908",
    "datePublished": "2024-12-26T15:45:39.592Z",
    "dateReserved": "2024-12-23T16:24:16.226Z",
    "dateUpdated": "2024-12-27T14:22:58.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}