Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality.
References
| Link | Resource |
|---|---|
| https://www.manageengine.com/privileged-access-management/advisory/cve-2025-11669.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
02 Feb 2026, 15:42
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Zohocorp manageengine Password Manager Pro
Zohocorp manageengine Pam360 Zohocorp Zohocorp manageengine Access Manager Plus |
|
| References | () https://www.manageengine.com/privileged-access-management/advisory/cve-2025-11669.html - Patch, Vendor Advisory | |
| CPE | cpe:2.3:a:zohocorp:manageengine_access_manager_plus:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:8.2:build8201:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_password_manager_pro:*:*:*:*:-:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_password_manager_pro:13.2:build13200:*:*:-:*:*:* cpe:2.3:a:zohocorp:manageengine_password_manager_pro:13.2:build13220:*:*:-:*:*:* cpe:2.3:a:zohocorp:manageengine_pam360:8.2:build8200:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_password_manager_pro:13.2:build13210:*:*:-:*:*:* cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.4:build4400:*:*:*:*:*:* |
13 Jan 2026, 14:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-01-13 14:16
Updated : 2026-02-02 15:42
NVD link : CVE-2025-11669
Mitre link : CVE-2025-11669
CVE.ORG link : CVE-2025-11669
JSON object : View
Products Affected
zohocorp
- manageengine_access_manager_plus
- manageengine_pam360
- manageengine_password_manager_pro
CWE
CWE-862
Missing Authorization