The Digital Security Authority (DSA) wants to bring to your attention a vulnerability affecting ManageEngine Analytics.

Technical Details

ManageEngine Analytics Plus on premise contains a recently discovered vulnerability that when exploited can lead to unauthorized access of user information that in turn can lead to account takeover. This is specific for instances running on Windows.

Affected Products:

• ManageEngine Analytics

Fixed Versions: 

Version: Build 6130

Recommendations

The Digital Security Authority recommends updating ManageEngine version to Version Build 6130 to ensure their devices are protected.

References

1.  Common Vulnerabilities & Exposures

The information presented in this report is based on available data up to the 21st of March 2025.

 [ Get the report  in .PDF ]