CVE 9.8 CRITICAL

SQL Injection_CVE-2025-8324

November 11, 2025 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration.

AI Analysis

Unauthenticated SQL Injection vulnerability due to improper filter configuration

Basic Information

ID CVE-2025-8324

Source Zohocorp

Published Nov 11, 2025 at 13:04

Modified Nov 11, 2025 at 13:05

Affected Product

Vendor Zohocorp

Product ManageEngine Analytics Plus

Affected Versions Zohocorp ManageEngine Analytics Plus 0

CWE Classification

CWE-89

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Zohocorp

Product ManageEngine Analytics Plus

Version 6170 and below

References

www.manageengine.com /analytics-plus/CVE-2025-8324.html

{
    "lastseen": "",
    "description": "Zohocorp ManageEngine Analytics Plus versions\u00a06170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration.",
    "published": "2025-11-11T13:04:00.573Z",
    "modified": "2025-11-11T13:05:23.940Z",
    "type": "cve",
    "title": "SQL Injection",
    "source": "Zohocorp",
    "references": "https://www.manageengine.com/analytics-plus/CVE-2025-8324.html",
    "id": "CVE-2025-8324",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Zohocorp ManageEngine Analytics Plus 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ManageEngine Analytics Plus",
    "version": "0",
    "vendor": "Zohocorp",
    "ai_description": "Unauthenticated SQL Injection vulnerability due to improper filter configuration",
    "ai_severity": "Critical",
    "ai_vendor": "Zohocorp",
    "ai_product": "ManageEngine Analytics Plus",
    "ai_version": "6170 and below",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply