CVE-2025-6943

Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.8 LOW
LOCAL
HIGH
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
DelineaCNA
3.8 LOW
LOCAL
HIGH
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
VendorProductVersion
delineasecret_server
𝑥
< 11.7.000060
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024
https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm
https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm
https://trust.delinea.com