CNNVD-202511-1083 Information
CNNVD ID
CNNVD-202511-1083
Related CVE
- CNNVD Published: 2025-11-11
Description (Chinese)
Microsoft Configuration Manager是美国微软(Microsoft)公司的一套用于管理企业内部电脑和服务器的解决方案,它可以帮助IT部门保持软件更新、设置配置和安全策略,并监控系统状态。 Microsoft Configuration Manager存在访问控制错误漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Microsoft Configuration Manager 2403,Microsoft Configuration Manager 2503,Microsoft Configuration Manager 2409。
Description (English)
Microsoft Construction Manager is a United States Microsoft company solution for managing in-house computers and servers that helps the IT sector maintain software upgrades, configurations and security strategies, and monitors system status. Microsoft Consortium Manager has access control bugs. The attackers use this loophole to enhance their authority. The following products and versions were affected: Microsoft Construction Manager 2403; Microsoft Construction Manager 2503; and Microsoft Construction Manager 2409.
Hazard Level
High
Vulnerability Type
访问控制错误
Affected Vendor
微软
Published
2025-11-11
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47179 https://vigilance.fr/vulnerability/Microsoft-Configuration-Manager-privilege-escalation-dated-11-11-2025-48714
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47179
Share on: