Home

Description

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure.  This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled.

PUBLISHED Reserved 2025-10-13 | Published 2025-12-15 | Updated 2025-12-15 | Assigner Zohocorp




MEDIUM: 6.4CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
unaffected

Any version before 8025
affected

References

www.manageengine.com/...ger/admanager-kb/cve-2025-11670.html

cve.org (CVE-2025-11670)

nvd.nist.gov (CVE-2025-11670)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.