CVE-2025-12812 | THREATINT

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Delinea Inc. Cloud Suite and Privileged Access Service. Remediation: This issue is fixed in Cloud Suite: 25.1

PUBLISHED Reserved 2025-11-06 | Published 2026-02-18 | Updated 2026-02-19 | Assigner Delinea

MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Product status

Default status

unaffected

23.1.2 and earlier

affected

25.1 and above

unaffected

Credits

Dawid Dudek reporter

References

trust.delinea.com/...id=9681f2f0-f9b2-4c7a-abc6-1fcd65c34f46

docs.delinea.com/...suite/release-notes/cloud-suite/25.1.htm

cve.org (CVE-2025-12812)

nvd.nist.gov (CVE-2025-12812)

Download JSON