CVE-2025-6943
LOWDelinea Secret Server < 11.7.000060 - SQL Report Creation Privilege Escalation
Title source: llmDescription
Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.
References (4)
Core 4
Core References
Release Notes release-notes
https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm
Release Notes release-notes
https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm
Release Notes release-notes
https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024
Vendor Advisory vendor-advisory
https://trust.delinea.com
Scores
CVSS v3
3.8
EPSS
0.0014
EPSS Percentile
3.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-269
Status
published
Products (1)
delinea/secret_server
< 11.7.000060
Published
Jul 02, 2025
Tracked Since
Feb 18, 2026