CVE-2025-34509 | Sitecore Experience Manager/Experience Platform 10.1.4/10.3.3/10.4.1 Administrative API hard-coded credentials

A vulnerability was found in Sitecore Experience Manager and Experience Platform 10.1.4/10.3.3/10.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Administrative API. The manipulation leads to hard-coded credentials.

This vulnerability is handled as CVE-2025-34509. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More