Vulnerability Description
Improper Authentication vulnerability in Delinea Inc. Secret Server On-Prem (RPC Password Rotation modules). This issue affects Secret Server On-Prem: 11.8.1, 11.9.6, 11.9.25. A secret with "change password on check in" enabled automatically checks in even when the password change fails after reaching its retry limit. This leaves the secret in an inconsistent state with the wrong password. Remediation: Upgrade to 11.9.47 or later. The secret will remain checked out when the password change fails.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Delinea | Secret Server | 11.8.000001 |
Related Weaknesses (CWE)
References
- https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-9-0000 (Release Notes)
- https://trust.delinea.com/?tcuUid=48260de9-954d-45c2-9c66-2c9510798a0b (Vendor Advisory)
- https://trust.delinea.com/ (Product)
FAQ
What is CVE-2025-12810?
CVE-2025-12810 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Improper Authentication vulnerability in Delinea Inc. Secret Server On-Prem (RPC Password Rotation modules). This issue affects Secret Server On-Prem: 11.8.1, 11.9.6, 11.9.25. A secret with "change pa...
How severe is CVE-2025-12810?
CVE-2025-12810 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2025-12810?
Check the references section above for vendor advisories and patch information. Affected products include: Delinea Secret Server.