Search criteria
4 vulnerabilities found for ManageEngine ADManager Plus by Zohocorp
CVE-2025-11670 (GCVE-0-2025-11670)
Vulnerability from nvd – Published: 2025-12-15 11:11 – Updated: 2025-12-15 13:11
VLAI?
Title
NTLM Hash Exposure Vulnerability
Summary
Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure.
This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled.
Severity ?
6.4 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | ManageEngine ADManager Plus |
Affected:
0 , < 8025
(8025)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-15T13:11:02.867665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T13:11:14.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ManageEngine ADManager Plus",
"vendor": "Zohocorp",
"versions": [
{
"lessThan": "8025",
"status": "affected",
"version": "0",
"versionType": "8025"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8025",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to\u0026nbsp;NTLM Hash Exposure.\u0026nbsp;\u003cbr\u003eThis vulnerability is exploitable only by technicians who have the \u003cstrong\u003e\u201cImpersonate as Admin\u201d\u003c/strong\u003e option enabled.\u003cbr\u003e"
}
],
"value": "Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to\u00a0NTLM Hash Exposure.\u00a0\nThis vulnerability is exploitable only by technicians who have the \u201cImpersonate as Admin\u201d option enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T11:11:13.348Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2025-11670.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NTLM Hash Exposure Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-11670",
"datePublished": "2025-12-15T11:11:13.348Z",
"dateReserved": "2025-10-13T04:36:28.773Z",
"dateUpdated": "2025-12-15T13:11:14.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10020 (GCVE-0-2025-10020)
Vulnerability from nvd – Published: 2025-10-21 12:12 – Updated: 2025-10-22 11:18
VLAI?
Title
Command Injection
Summary
Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component.
Severity ?
8.5 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | ManageEngine ADManager Plus |
Affected:
0 , < 8024
(8024)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T03:55:16.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ManageEngine ADManager Plus",
"vendor": "Zohocorp",
"versions": [
{
"lessThan": "8024",
"status": "affected",
"version": "0",
"versionType": "8024"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eauthenticated command injection vulnerability in the Custom Script component\u003c/span\u003e."
}
],
"value": "Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T11:18:09.933Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2025-10020.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Command Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-10020",
"datePublished": "2025-10-21T12:12:02.187Z",
"dateReserved": "2025-09-05T10:51:20.375Z",
"dateUpdated": "2025-10-22T11:18:09.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11670 (GCVE-0-2025-11670)
Vulnerability from cvelistv5 – Published: 2025-12-15 11:11 – Updated: 2025-12-15 13:11
VLAI?
Title
NTLM Hash Exposure Vulnerability
Summary
Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure.
This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled.
Severity ?
6.4 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | ManageEngine ADManager Plus |
Affected:
0 , < 8025
(8025)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-15T13:11:02.867665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T13:11:14.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ManageEngine ADManager Plus",
"vendor": "Zohocorp",
"versions": [
{
"lessThan": "8025",
"status": "affected",
"version": "0",
"versionType": "8025"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8025",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to\u0026nbsp;NTLM Hash Exposure.\u0026nbsp;\u003cbr\u003eThis vulnerability is exploitable only by technicians who have the \u003cstrong\u003e\u201cImpersonate as Admin\u201d\u003c/strong\u003e option enabled.\u003cbr\u003e"
}
],
"value": "Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to\u00a0NTLM Hash Exposure.\u00a0\nThis vulnerability is exploitable only by technicians who have the \u201cImpersonate as Admin\u201d option enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T11:11:13.348Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2025-11670.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NTLM Hash Exposure Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-11670",
"datePublished": "2025-12-15T11:11:13.348Z",
"dateReserved": "2025-10-13T04:36:28.773Z",
"dateUpdated": "2025-12-15T13:11:14.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10020 (GCVE-0-2025-10020)
Vulnerability from cvelistv5 – Published: 2025-10-21 12:12 – Updated: 2025-10-22 11:18
VLAI?
Title
Command Injection
Summary
Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component.
Severity ?
8.5 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zohocorp | ManageEngine ADManager Plus |
Affected:
0 , < 8024
(8024)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T03:55:16.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ManageEngine ADManager Plus",
"vendor": "Zohocorp",
"versions": [
{
"lessThan": "8024",
"status": "affected",
"version": "0",
"versionType": "8024"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eauthenticated command injection vulnerability in the Custom Script component\u003c/span\u003e."
}
],
"value": "Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T11:18:09.933Z",
"orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"shortName": "Zohocorp"
},
"references": [
{
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2025-10020.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Command Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
"assignerShortName": "Zohocorp",
"cveId": "CVE-2025-10020",
"datePublished": "2025-10-21T12:12:02.187Z",
"dateReserved": "2025-09-05T10:51:20.375Z",
"dateUpdated": "2025-10-22T11:18:09.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}