CVE-2026-3324
Published: 16 April 2026
Description
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.
Mitigating Controls (NIST 800-53 r5) (AI)
AC-3 enforces approved authorizations for access to system resources, directly preventing authentication bypass due to improper filter configuration in Log360.
AC-14 identifies and limits specific actions permitted without identification or authentication, mitigating unauthorized access on vulnerable actions in Log360.
CM-6 mandates secure configuration settings for components like filters, addressing the improper filter configuration causing the authentication bypass.
Security Summary (AI)
CVE-2026-3324 is an authentication bypass vulnerability in Zohocorp ManageEngine Log360 versions 13000 through 13013, stemming from improper filter configuration and mapped to CWE-288. Published on 2026-04-16, it carries a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N), indicating high severity due to its network accessibility and lack of prerequisites for exploitation.
Unauthenticated attackers with network access to a vulnerable Log360 instance can exploit this issue with low complexity and no user interaction required. Successful exploitation enables bypass of authentication on certain actions, resulting in high confidentiality impact—such as unauthorized access to sensitive log data—and low integrity impact, with no disruption to availability.
Mitigation details are available in the vendor advisory at https://www.manageengine.com/log-management/advisory/CVE-2026-3324.html.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
CVE-2026-3324 enables exploitation of a public-facing log management application (T1190) via authentication bypass, directly facilitating unauthorized access to sensitive logs (T1654).