Zoho ManageEngine Log360 Authentication Bypass Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.2

Zoho ManageEngine Log360 Authentication Bypass Risk

CVE-2026-3324

Summary

Certain actions in Zoho ManageEngine Log360 versions 13000 through 13013 can be performed without proper authentication. This means unauthorized users may be able to access sensitive features. Update to a fixed version to prevent unauthorized access.

Original title

Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.

Original description

Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.

nvd CVSS3.1 8.2

Vulnerability type

CWE-288 Authentication Bypass Using Alternate Path

https://www.manageengine.com/log-management/advisory/CVE-2026-3324.html

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026