Platform: manageengine
Component: log360
Fixed in: 13013.0.1
CVE-2026-3324 describes an authentication bypass vulnerability affecting ManageEngine Log360 versions 13.0.0 through 13013. This flaw allows attackers to bypass authentication controls and potentially gain unauthorized access to sensitive log data. The vulnerability stems from improper filter configuration within the application. A patch, version 13.0.14, has been released to address this issue.
Successful exploitation of CVE-2026-3324 could allow an attacker to gain unauthorized access to ManageEngine Log360, exposing sensitive log data collected from various systems. This data may include user credentials, application logs, security events, and other confidential information. Depending on the scope of Log360's data collection, an attacker could gain insight into the entire IT infrastructure and identify further attack vectors. The impact is amplified if Log360 is used to monitor critical systems or store sensitive data subject to compliance regulations.
CVE-2026-3324 was publicly disclosed on 2026-04-16. The vulnerability's severity is rated HIGH with a CVSS score of 8.2. No public proof-of-concept (PoC) code has been released at the time of writing, but the authentication bypass nature of the vulnerability suggests a relatively high likelihood of exploitation if a PoC becomes available. It is not currently listed in the CISA KEV catalog.
Exploit Status
EPSS: 0.17% (39th percentile)
The primary mitigation for CVE-2026-3324 is to upgrade ManageEngine Log360 to version 13.0.14 or later. Prior to upgrading, it's crucial to review the release notes for any potential breaking changes and plan a rollback strategy if necessary. As a temporary workaround, restrict access to Log360 to authorized users only and implement stricter authentication policies. Monitor Log360 logs for any suspicious activity or unauthorized access attempts. Consider implementing a Web Application Firewall (WAF) with rules to block requests that attempt to bypass authentication.
Update to version 13.0.14 or later to mitigate the authentication bypass vulnerability. See the ManageEngine advisory page for detailed instructions and patch download: https://www.manageengine.com/log-management/advisory/CVE-2026-3324.html
CVE-2026-3324 is a HIGH severity vulnerability in ManageEngine Log360 versions 13.0.0–13013 that allows attackers to bypass authentication controls due to improper filter configuration, potentially granting unauthorized access.
If you are using ManageEngine Log360 versions 13.0.0 through 13013, you are potentially affected by this vulnerability. Upgrade to 13.0.14 or later to mitigate the risk.
The recommended fix is to upgrade ManageEngine Log360 to version 13.0.14 or a later version. Review release notes before upgrading and plan a rollback strategy.
While no public exploits are currently known, the authentication bypass nature of the vulnerability suggests a potential for exploitation if a proof-of-concept is released.
Refer to the official ManageEngine security advisory for detailed information and updates regarding CVE-2026-3324: https://www.manageengine.com/products/log360/security-advisories.html