Security Advisory
Home » Security Advisory
 

CVE-2026-3324 – Authentication Bypass in Exposed v1 API in Log360

Vulnerability details
Severity High
CVE ID CVE-2026-3324
Affected software versions Builds between 13000 and 13013
Fixed version Build 13017
Fixed on March 10, 2026

Details

CVE-2026-3324 describes an authentication bypass vulnerability affecting exposed V1 APIs.

Impact

This vulnerability affected builds from 13000 to 13013. It resulted in authorization checks being bypassed in the exposed V1 APIs of Log360, potentially enabling unauthorized access to data and operations.

Fix

This issue has been resolved in Log360 build 13017.

Steps to update

Update your Log360 instance from any version between 13000 and 13013 to build 13017 or the latest version using the service pack.

Acknowledgements

This issue was reported by our internal security team through the Zoho BugBounty program.

Please contact our product support or our security team if you need further assistance.

Awards & recognition

ManageEngine named in 2025 Gartner MQ for SIEM Gartner Peer Insights Customers' choice for SIEM

  Editor's choice  
  8th time in the MQ in 2025  
  Major player in 2024  
  Integrated cloud security Innovator  
  Technical excellence in SIEM  
  Market leader most innovative  

2022 gartner siem mq

Features

Support

Secure your IT infrastructure with a cloud SIEM solution

Solutions by industry

Related solutions

One-stop solution to all Log Management and Active Directory Auditing

Free Trial Get Quote
Email Download Link