CVE-2025-6942

Name of the Vulnerable Software and Affected Versions: Secret Server versions 11.7.49 and earlier

Description: The distributed engine of Secret Server can be exploited during an initial authorization event, allowing an attacker to impersonate another distributed engine.

Recommendations: For Secret Server versions 11.7.49 and earlier, consider restricting access to the distributed engine until a patch is available. As a temporary workaround, limit the initial authorization events to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.