Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure.
This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled.
References
| Link | Resource |
|---|---|
| https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2025-11670.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Dec 2025, 01:51
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2025-11670.html - Vendor Advisory | |
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8000:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8020:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8022:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8001:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8012:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8021:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8002:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8010:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_admanager_plus:8.0:8011:*:*:*:*:*:* |
|
| First Time |
Zohocorp
Zohocorp manageengine Admanager Plus |
15 Dec 2025, 11:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-12-15 11:15
Updated : 2025-12-18 01:51
NVD link : CVE-2025-11670
Mitre link : CVE-2025-11670
CVE.ORG link : CVE-2025-11670
JSON object : View
Products Affected
zohocorp
- manageengine_admanager_plus
CWE