Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6942

The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine.

Published

2025-07-02T16:15:29.883

Last Modified

2025-07-03T15:13:53.147

Status

Awaiting Analysis

Source

1443cd92-d354-46d2-9290-d812316ca43a

Severity

CVSSv3.1: 3.8 (LOW)

Weaknesses

Type: Secondary
CWE-639

Affected Vendors & Products

References

https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024 (1443cd92-d354-46d2-9290-d812316ca43a)
https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm (1443cd92-d354-46d2-9290-d812316ca43a)
https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm (1443cd92-d354-46d2-9290-d812316ca43a)
https://trust.delinea.com/?tcuUid=2b68edca-7930-438d-b960-2d6da07cdde9 (1443cd92-d354-46d2-9290-d812316ca43a)