CVE-2025-6943

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-6943
CWE	https://cwe.mitre.org/data/definitions/269.html

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-6943

CWE

https://cwe.mitre.org/data/definitions/269.html

Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Potential Mitigations

https://cwe.mitre.org/data/definitions/122.html
https://cwe.mitre.org/data/definitions/233.html
https://cwe.mitre.org/data/definitions/58.html

References

https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024
https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm
https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm
https://trust.delinea.com

Improper Privilege Management

Weakness

Potential Mitigations

Related Attack Patterns

References