Support
 
Support Get Quote
 
 
 
 
 
Email Download Link

Security Advisory

Home » Security Advisory

CVE-2026-3324 – Authentication Bypass in Exposed v1 API in Eventlog Analyzer

Vulnerability details
Severity High
CVE ID CVE-2026-3324
Affected software versions Builds between 12570 and 12578,
Builds between 13000 and 13013
Fixed version Builds 13017, 12579
Fixed on March 10, 2026

Details

CVE-2026-3324 describes an authentication bypass vulnerability affecting exposed V1 APIs.

Impact

This vulnerability affects builds 12570-12578 and 13000-13013. It allowed authorization checks to be bypassed in the exposed V1 APIs of EventLog Analyzer, potentially enabling unauthorized access to data and operations.

Fix

This issue has been resolved in Eventlog Analyzer builds 13017 and 12579.

If you are using build version Fixed in build
12570 to 12578 12579
13000 to 13013 13017

Steps to update

Update your Eventlog Analyzer instance of versions between 12570 and 12578 to build 12579 and build of versions between 13000 and 13013 to build 13017 or latest, using the service pack.

Acknowledgements

This issue was reported by our Internal Security team through the Zoho BugBounty program.

Please contact our product support or our security team if you need further assistance.

EventLog Analyzer Trusted By

Los Alamos National Bank Michigan State University
Panasonic Comcast
Oklahoma State University IBM
Accenture Bank of America
Infosys
Ernst Young

Customer Speaks

  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank
TestimonialsCase Studies

Awards and Recognitions

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
A Single Pane of Glass for Comprehensive Log Management
Log ManagementLog AnalysisIT ComplianceSIEMQuick LinksRelated Products

A Single Pane of Glass for Comprehensive Threat Management

Free Trial Get Quote
Email Download Link