CNNVD-202510-1923 Information
CNNVD ID
CNNVD-202510-1923
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Microsoft Configuration Manager是美国微软(Microsoft)公司的一套用于管理企业内部电脑和服务器的解决方案,它可以帮助IT部门保持软件更新、设置配置和安全策略,并监控系统状态。 Microsoft Configuration Manager存在SQL注入漏洞,该漏洞源于攻击者利用该漏洞可以提升权限。
Description (English)
Microsoft Construction Manager is a United States Microsoft company solution for managing in-house computers and servers that helps the IT sector maintain software upgrades, configurations and security strategies, and monitors system status. Microsoft Configuration Manager has a leak in SQL, which stems from the fact that the assailants use it to enhance their authority.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
微软
Published
2025-10-14
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55320 https://vigilance.fr/vulnerability/Microsoft-Configuration-Manager-vulnerabilities-of-October-2025-48469
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55320
Share on: