The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine.
History

Wed, 02 Jul 2025 20:30:00 +0000

Type Values Removed Values Added
References

Wed, 02 Jul 2025 19:45:00 +0000

Type Values Removed Values Added
Description The distributed engine of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine. The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine.
References

Wed, 02 Jul 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 02 Jul 2025 16:00:00 +0000

Type Values Removed Values Added
Description The distributed engine of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine.
Weaknesses CWE-639
References
Metrics cvssV3_1

{'score': 3.8, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Delinea

Published: 2025-07-02T15:49:16.894Z

Updated: 2025-07-02T19:46:25.837Z

Reserved: 2025-06-30T22:28:26.930Z

Link: CVE-2025-6942

cve-icon Vulnrichment

Updated: 2025-07-02T15:58:11.405Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-02T16:15:29.883

Modified: 2025-07-03T15:13:53.147

Link: CVE-2025-6942

cve-icon Redhat

No data.