Primary

Context

ManageEngine Endpoint Central Sensitive Information Logging Vulnerability

Vulnerability

A sensitive information logging vulnerability has been identified in ManageEngine Endpoint Central, affecting versions prior to 11.4.2528.05. This vulnerability allows an authenticated user with access to the logs to potentially retrieve the sensitive agent token.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive agent tokens, which could be misused to replay valid requests.

Remediation

Users can upgrade to the latest version by logging into the Endpoint Central console, clicking on the current build number in the top right corner, and downloading the applicable update.

Added: Oct 27, 2025, 1:25 PM

Updated: Oct 27, 2025, 1:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ManageEngine Endpoint Central Sensitive Information Logging Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating