Authentication Bypass Vulnerability in Password Manager Pro and PAM360

CVE ID : CVE-2026-12263

Severity : High

Details :
An Authentication Bypass vulnerability was identified in Password Manager Pro and PAM360. The vulnerability has been addressed, and the issue does not exist in the fixed version.

Product Name	Issue	Affected Version(s)	Fixed Version(s)	Fixed On
Password Manager Pro	Authentication Bypass	Till 13231	13232	09-06-2026
PAM360	Authentication Bypass	Till 8550	8551	09-06-2026

(Please note that this vulnerability applies to only those who have installed or upgraded to the above mentioned version)

Impact:
The Authentication Bypass vulnerability allows any authenticated user to log in to Password Manager Pro or PAM360 as any other user, resulting in unauthorized access.

Steps to Upgrade:

1. Download the latest upgrade pack from the following links
   • Password Manager Pro - https://www.manageengine.com/products/passwordmanagerpro/upgradepack.html
   • PAM360 - https://www.manageengine.com/privileged-access-management/upgradepack.html
2. Apply the latest build to your existing product installation as per the upgrade pack instructions provided in the above links.

Acknowledgements:

Reported by 0xManhNV

Please contact the product support for further details at the below mentioned email addresses:

PAM360: pam360-support@manageengine.com

Password Manager Pro: passwordmanagerpro-support@manageengine.com