Vulnerability Details CVE-2025-36528
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.3%
CVSS Severity
CVSS v3 Score 8.3
Products affected by CVE-2025-36528
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:-
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:4.1.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:4.5.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:5.0.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:5.1
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:6.0.1
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.1.1
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:8.0
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:8.1
-
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:8.5