CVE 9.1 CRITICAL

Authentication Bypass_CVE-2025-11250

January 13, 2026 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Description

Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.

AI Analysis

Authentication Bypass vulnerability due to improper filter configurations

Basic Information

ID CVE-2025-11250

Source Zohocorp

Published Jan 13, 2026 at 13:35

Modified Jan 13, 2026 at 14:19

Affected Product

Vendor Zohocorp

Product ManageEngine ADSelfService Plus

Affected Versions Zohocorp ManageEngine ADSelfService Plus 0

CWE Classification

CWE-290

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor Zohocorp

Product ManageEngine ADSelfService Plus

Version before 6519

References

www.manageengine.com /products/self-service-password/advisory/CVE-2025-11250.html

{
    "lastseen": "",
    "description": "Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.",
    "published": "2026-01-13T13:35:18.509Z",
    "modified": "2026-01-13T14:19:27.437Z",
    "type": "cve",
    "title": "Authentication Bypass",
    "source": "Zohocorp",
    "references": "https://www.manageengine.com/products/self-service-password/advisory/CVE-2025-11250.html",
    "id": "CVE-2025-11250",
    "bulletinFamily": "",
    "cwe": [
        "CWE-290"
    ],
    "cvelist": null,
    "sourceData": "Zohocorp ManageEngine ADSelfService Plus 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ManageEngine ADSelfService Plus",
    "version": "0",
    "vendor": "Zohocorp",
    "ai_description": "Authentication Bypass vulnerability due to improper filter configurations",
    "ai_severity": "Critical",
    "ai_vendor": "Zohocorp",
    "ai_product": "ManageEngine ADSelfService Plus",
    "ai_version": "before 6519",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply