Vulnerabilities > Netwrix

DATE CVE VULNERABILITY TITLE RISK
2023-11-28 CVE-2023-41264 Improper Authentication vulnerability in Netwrix Usercube
Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation.
network
low complexity
netwrix CWE-287
critical
9.8
2022-11-08 CVE-2022-31199 Deserialization of Untrusted Data vulnerability in Netwrix Auditor 9.7/9.8
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems.
network
low complexity
netwrix CWE-502
critical
9.8
2020-10-20 CVE-2020-15931 Authentication Bypass by Capture-replay vulnerability in Netwrix Account Lockout Examiner
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed (ID 4771) event on a Domain Controller.
network
low complexity
netwrix CWE-294
5.0
2019-08-12 CVE-2019-14969 Incorrect Permission Assignment for Critical Resource vulnerability in Netwrix Auditor 9.7
Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders.
6.9