# CVE-2025-1724: AD Authentication User Account takeover vulnerability in Analytics Plus on-premise

**Severity:** High

**CVE ID:** CVE-2025-1724

| Product name | Affected Software Version(s) | Fixed Version | Fixed On |
|---|---|---|---|
| Analytics Plus on-premise | All Analytics Plus on-premise Windows builds below 6130 | Build 6130 | March 11, 2025 |

## Details

A vulnerability has been discovered in Analytics Plus on-premise that allows unauthorized access to authenticated AD user accounts. This could potentially lead to the unauthorized exposure of user information.

## Impact

This vulnerability could lead to the unauthorized exposure of user information, potentially resulting in account takeovers.

## Applicability

This problem applies specifically to Windows installations where users access Analytics Plus on-premise through Windows-based Active Directory authentication, without Active Directory SSO configuration.

## Fix

This issue has been resolved by generating installation-specific keys and securely storing them with sufficient encryption.

## Steps to upgrade

1. Download the latest upgrade pack from [the service pack page](https://www.manageengine.com/analytics-plus/service-packs.html).
2. Follow the instructions detailed on the service pack page to upgrade to the latest build.

## Acknowledgements

This vulnerability was reported by **Muhammed Mekkawy** through our Bug Bounty portal.

For any questions or concerns, please write to us at:

- EU region: [analyticsplus-support@manageengine.eu](mailto:analyticsplus-support@manageengine.eu)
- Other regions: [analyticsplus-support@manageengine.com](mailto:analyticsplus-support@manageengine.com)