DNA View

High Severity Vulnerability

This vulnerability has been rated as High severity. Immediate action is recommended.

CVE-2026-3324

High

Low Medium High Critical

8.2

CVSS Score

Published: Apr 16, 2026

Last Modified: Apr 17, 2026

CWE: CWE-288

Vulnerability Description

Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

References & Resources

https://www.manageengine.com/log-management/advisory/CVE-2026-3324.html
0fc0942c-577d-436f-ae8e-945763c79b02

Severity Details

8.2

out of 10.0

High

Weakness Type (CWE)

CWE-288

Authentication Bypass Using an Alternate Path or Channel

Description: The product requires authentication, but the product has an alternate path or channel that does not require authentication.
Typical Severity: Medium
Abstraction Level: Base