Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-47178


Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.


Published

2025-07-08T17:15:36.937

Last Modified

2025-07-23T18:30:05.453

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.0 (HIGH)

Weaknesses
  • Type: Primary
    CWE-89

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application microsoft configuration_manager_2503 < 5.00.9135.1003 Yes

References