Microsoft: >> Configuration Manager 2503 Security Vulnerabilities
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.001
Published
2025-11-11
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.
CVSS Score
4.8
EPSS Score
0.002
Published
2025-10-31
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally.
CVSS Score
8.4
EPSS Score
0.001
Published
2025-10-14
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network.
CVSS Score
6.8
EPSS Score
0.002
Published
2025-10-14
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.
CVSS Score
8.0
EPSS Score
0.006
Published
2025-07-08