CVE-2025-11669

Summary

Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality.

Affected Software

VendorProductVersion RangeStatus
ZohocorpManageEngine PAM3600 < 8202affected
ZohocorpManageEngine Password Manager Pro0 < 13221affected
ZohocorpManageEngine Access Manager Plus0 < 4401affected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References