CVE-2025-11250

Critical

Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.

Zohocorp·CWE-290·Published 2026-01-13

CVSS

9.1

EPSS

0.01

KEV

Exploits

cve.orgen

140 chars

Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.

NVDen

140 chars

Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.

Las versiones de Zohocorp ManageEngine ADSelfService Plus anteriores a la 6519 son vulnerables a la omisión de autenticación debido a configuraciones de filtro inadecuadas.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.1	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.1	Secondary	NVD	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N