CVE-2026-3324
Published: 16 April 2026
Summary
CVE-2026-3324 is a high-severity Authentication Bypass Using an Alternate Path or Channel (CWE-288) vulnerability. Its CVSS base score is 8.2 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 32.8% of CVEs by estimated exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2026-3324 is an authentication bypass in Zohocorp ManageEngine Log360 versions 13000 through 13013. The root cause is an improperly configured filter, which is why it is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel): certain actions can be reached without passing through the authentication check that should guard them. Published on 2026-04-16, it carries a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N); the High rating reflects network reachability with no privileges or user interaction required.
An unauthenticated attacker with network access to a vulnerable Log360 instance can exploit the issue with low attack complexity. Successful exploitation bypasses authentication for specific actions rather than the whole application; the impact is high on confidentiality (unauthorized access to the log data Log360 collects), low on integrity, and nil on availability.
Mitigation details are available in the vendor advisory at https://www.manageengine.com/log-management/advisory/CVE-2026-3324.html.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-23247
Vulnerability details
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.
- CWE(s): CWE-288 (Authentication Bypass Using an Alternate Path or Channel)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
An unauthenticated attacker reaching the Log360 web interface over the network is exploiting a public-facing application (Exploit Public-Facing Application, T1190). The protected actions the bypass exposes return collected log data, which corresponds to Log Enumeration (T1654).
Affected Assets
- Zohocorp ManageEngine Log360, versions 13000 through 13013 (upgrade guidance is in the vendor advisory linked above)
Mitigating Controls (NIST 800-53 r5)
AC-3 (Access Enforcement) requires the system to enforce approved authorizations on every request to a protected resource; the filter misconfiguration in Log360 is a failure of exactly this enforcement, since protected actions can be reached without a valid authenticated session.
AC-14 (Permitted Actions Without Identification or Authentication) requires that the actions allowed without authentication be explicitly identified and kept to the minimum; a filter built as a narrow, exact allowlist over a default-deny rule does not leave additional actions exposed.
CM-6 (Configuration Settings) requires that security-relevant settings, including authentication filters, be defined, applied and verified; the improper filter configuration behind this bypass is the kind of deviation that configuration baselining and periodic audit are meant to catch.
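As an added illustration of the failure class described in the Deeper analysis and of the AC-3/AC-14 posture above, the following is a constructed Python model, not Log360's code and not a description of how this CVE is actually triggered. It shows an authentication filter whose exclusion rules are evaluated on the raw request path while the router dispatches on the canonical path (one common way a filter ends up with an alternate, unauthenticated path), beside a default-deny filter that canonicalises first and exempts only an explicit list of actions, and an audit routine that probes every route anonymously. The route names, probe paths and filter rules are all assumptions for illustration.

```python
import posixpath
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set

# Constructed model of a servlet-style filter chain. None of this is Log360 code;
# the routes, filter rules and probe paths are assumptions for illustration only.


@dataclass
class Request:
    raw_path: str
    session: Optional[str] = None  # None means the request carries no valid session


def canonical_path(raw: str) -> str:
    """Return the path as the router will see it: no query string, no path
    parameters (';jsessionid=...'), no duplicate slashes, '.' and '..' resolved."""
    path = raw.split("?", 1)[0]
    path = "/".join(seg.split(";", 1)[0] for seg in path.split("/"))
    while "//" in path:
        path = path.replace("//", "/")
    return posixpath.normpath("/" + path.lstrip("/"))


class App:
    """Minimal container: the auth filter runs first, then the canonical path is routed."""

    def __init__(self, auth_filter: Callable[[Request], bool]):
        self.auth_filter = auth_filter
        self.routes: Dict[str, Callable[[Request], str]] = {}

    def route(self, path: str):
        def register(handler):
            self.routes[path] = handler
            return handler
        return register

    def handle(self, req: Request) -> str:
        if not self.auth_filter(req):
            return "401 Unauthorized"
        handler = self.routes.get(canonical_path(req.raw_path))
        return handler(req) if handler else "404 Not Found"


# Weak filter: exclusions decided by prefix match on the *raw* path. The router
# normalises, so '/static/../api/exportLogs' is exempted here yet still dispatched
# to the protected handler. That disagreement is the alternate path of CWE-288.
PUBLIC_PREFIXES = ("/login", "/static/", "/health")


def weak_filter(req: Request) -> bool:
    if req.raw_path.startswith(PUBLIC_PREFIXES):
        return True
    return req.session is not None


# Hardened filter: canonicalise first (same view as the router), then default-deny.
# AC-14: actions allowed without authentication are an explicit, exact list.
# AC-3: every other action is enforced, whatever path spelling reached it.
UNAUTHENTICATED_ACTIONS: Set[str] = {"/login", "/health"}


def hardened_filter(req: Request) -> bool:
    path = canonical_path(req.raw_path)
    if path in UNAUTHENTICATED_ACTIONS or path.startswith("/static/"):
        return True
    return req.session is not None


def build_app(auth_filter: Callable[[Request], bool]) -> App:
    app = App(auth_filter)

    @app.route("/login")
    def login(req):
        return "200 login form"

    @app.route("/health")
    def health(req):
        return "200 ok"

    @app.route("/api/exportLogs")  # protected: returns collected log data
    def export_logs(req):
        return "200 <log records>"

    @app.route("/api/settings")  # protected: configuration read/write
    def settings(req):
        return "200 <settings>"

    return app


# Audit probes: the plain protected paths plus spellings a prefix filter might exempt.
PROBES: List[str] = [
    "/api/exportLogs",
    "/api/settings",
    "/static/../api/exportLogs",
    "/static//../api/exportLogs",
    "/static/..;/api/exportLogs",
    "/login/../api/settings",
    "/health",
]


def anonymous_reachable(app: App, probes: List[str]) -> Set[str]:
    """Send each probe with no session; return the canonical paths whose handler ran.
    For a correctly configured filter this must equal the deliberately public set."""
    return {canonical_path(p) for p in probes if app.handle(Request(p)).startswith("200")}


def demo():
    weak = anonymous_reachable(build_app(weak_filter), PROBES)
    hard = anonymous_reachable(build_app(hardened_filter), PROBES)
    return weak, hard


if __name__ == "__main__":
    weak, hard = demo()
    print("weak filter, reachable anonymously:    ", sorted(weak))
    print("hardened filter, reachable anonymously:", sorted(hard))
    print("protected actions leaked by hardened filter:", sorted(hard - UNAUTHENTICATED_ACTIONS))
```

The useful part for a defender is `anonymous_reachable`: run against a staging instance with every registered action and the path variants above, the set it returns minus the documented public actions should be empty, and any non-empty difference is a finding to fix before the next release, whatever the filter's configuration syntax happens to be.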