Vulnerabilities > Netwrix
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-28 | CVE-2023-41264 | Improper Authentication vulnerability in Netwrix Usercube Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows authentication bypass on deployment endpoints, leading to privilege escalation. | 9.8 |
2022-11-08 | CVE-2022-31199 | Deserialization of Untrusted Data vulnerability in Netwrix Auditor 9.7/9.8 Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. | 9.8 |
2020-10-20 | CVE-2020-15931 | Information Exposure vulnerability in Netwrix Account Lockout Examiner Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed (ID 4771) event on a Domain Controller. | 7.5 |
2019-08-12 | CVE-2019-14969 | Incorrect Permission Assignment for Critical Resource vulnerability in Netwrix Auditor 9.7 Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\ and sub-folders. | 7.8 |