{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T10:18:44.836","vulnerabilities":[{"cve":{"id":"CVE-2025-9428","sourceIdentifier":"0fc0942c-577d-436f-ae8e-945763c79b02","published":"2025-10-21T12:15:35.673","lastModified":"2025-10-23T14:00:21.830","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api."}],"metrics":{"cvssMetricV31":[{"source":"0fc0942c-577d-436f-ae8e-945763c79b02","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"0fc0942c-577d-436f-ae8e-945763c79b02","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1","matchCriteriaId":"FCB8F6B2-6E06-4BE7-9AC9-A8D26F25C67B"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6100:*:*:*:*:*:*","matchCriteriaId":"A27EFFEA-DB7E-4E3E-905B-5D1BAAE3A03E"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6110:*:*:*:*:*:*","matchCriteriaId":"7AAAFC61-BDEB-4688-804E-C8165E693BA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6120:*:*:*:*:*:*","matchCriteriaId":"13DAD61B-82F4-42B5-A2E8-81EB62346EB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6130:*:*:*:*:*:*","matchCriteriaId":"0E074C04-4BC6-431B-99F0-ECB9E83532A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6140:*:*:*:*:*:*","matchCriteriaId":"1384D5F4-D3F0-48B4-AA2A-0B7E93A46C72"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6150:*:*:*:*:*:*","matchCriteriaId":"3F1E5920-9108-40A8-8FE0-727BA82C092F"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6160:*:*:*:*:*:*","matchCriteriaId":"F237D724-FF1D-4D03-9968-6F64B45F421F"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6170:*:*:*:*:*:*","matchCriteriaId":"ECDAD23D-D2E8-4A10-BDA6-7088314849AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_analytics_plus:6.1:6171:*:*:*:*:*:*","matchCriteriaId":"4166ED3E-040B-4867-BD53-515638BFFF21"}]}]}],"references":[{"url":"https://www.manageengine.com/analytics-plus/CVE-2025-9428.html","source":"0fc0942c-577d-436f-ae8e-945763c79b02","tags":["Vendor Advisory"]}]}}]}