PT-2026-5015 · Delinea · Secret Server On-Prem+1
Published: 2026-01-27 · Updated: 2026-02-06
CVE-2025-12810
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions
Delinea Inc. Secret Server On-Prem versions 11.8.1, 11.9.6, and 11.9.25
Description
An improper authentication issue exists in the RPC Password Rotation modules of Delinea Inc. Secret Server On-Prem. When a secret has the "change password on check in" feature enabled, it can automatically check in even if the password change fails after multiple attempts. This results in the secret remaining in an inconsistent state with an incorrect password.
Recommendations
Upgrade to Secret Server On-Prem version 11.9.47 or later. In the fixed version, the secret remains checked out when the password change fails.
Improper Authentication
Weakness Enumeration
Related Identifiers
Affected Products
Secret Server On-Prem
Secret Server