Sitecore Experience Manager (XM) and Platform (XP) Hardcoded Credentials | Advisories

Go back

Sitecore Experience Manager (XM) and Platform (XP) Hardcoded Credentials

severity: high
date: June 18, 2025
Affecting: XM/XP 10.4.0 before 10.4.1 rev. 011941 PRE
XM/XP 10.3.0 before 10.3.3 rev. 011967 PRE
XM/XP 10.1.0 before 10.1.4 rev. 011974 PRE
CVE: CVE-2025-34509
CVE type: Use of Hard-coded Credentials
CVSS: 8.8
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
References: Exploit
Credit: Piotr Bazydlo of watchTowr