ManageEngine has disclosed a critical account takeover vulnerability, tracked as CVE-2026-11374, affecting various integrated products within its AD360 identity and access management suite. The flaw affects ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus when used with AD360 and via single sign-on (SSO) integration. This vulnerability stems from predictable SSO ticket generation, which […]

The post ManageEngine AD360 Integrated Products Hit by Account Takeover Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/manageengine-ad360-account-takeover-vulnerability/