VDB
CVE-2025-9428
CVE-2025-9428
PUBLISHED
CVSS 8.300000190734863 HIGH
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api.
EPSS 2.30% · 85.1th percentile
Risk Scores
CVSS 3.1
8.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS Score
2.30%
85.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zohocorp | Analytics Plus | 0 |
| zohocorp | manageengine_analytics_plus | 0, 6.1, 6.1 |
Timeline
- Oct 21, 2025 EPSS Score
- Oct 21, 2025 CVE Published
- Oct 21, 2025 PoC Published
- Oct 21, 2025 PoC Published
- Oct 23, 2025 CVE Updated
- Oct 27, 2025 EPSS Score
- Nov 2, 2025 EPSS Score
- Nov 8, 2025 EPSS Score
- Nov 14, 2025 EPSS Score
- Nov 19, 2025 EPSS Score
- Nov 25, 2025 EPSS Score
- Dec 1, 2025 EPSS Score