Vulnerabilites related to veeam - veeam_backup_\&_replication
CVE-2024-45204 (GCVE-0-2024-45204)
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2024-12-06 20:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potentially leading to broader security vulnerabilities.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45204",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:46:20.732535Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T20:10:23.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potentially leading to broader security vulnerabilities."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:05.328Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-45204",
"datePublished": "2024-12-04T01:06:05.328Z",
"dateReserved": "2024-08-23T01:00:01.060Z",
"dateUpdated": "2024-12-06T20:10:23.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40712 (GCVE-0-2024-40712)
Vulnerability from cvelistv5
Published
2024-09-07 16:11
Modified
2024-09-09 15:18
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege escalation (LPE).
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.1.2 ≤ 12.1.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_\\\u0026_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "backup_\\\u0026_replication",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2.172",
"status": "affected",
"version": "12",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T15:17:19.696138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T15:18:23.506Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2",
"status": "affected",
"version": "12.1.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege escalation (LPE)."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-07T16:11:22.203Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4649"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-40712",
"datePublished": "2024-09-07T16:11:22.203Z",
"dateReserved": "2024-07-09T01:04:07.425Z",
"dateUpdated": "2024-09-09T15:18:23.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42457 (GCVE-0-2024-42457)
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2024-12-04 16:00
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T15:47:05.862624Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:00:32.213Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:04.658Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-42457",
"datePublished": "2024-12-04T01:06:04.658Z",
"dateReserved": "2024-08-02T01:04:07.985Z",
"dateUpdated": "2024-12-04T16:00:32.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42452 (GCVE-0-2024-42452)
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2024-12-04 16:03
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability exists because remote calls bypass permission checks, leading to full system compromise.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:agent:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "agent",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.2.0.334",
"status": "affected",
"version": "12.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42452",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:01:00.432136Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:03:26.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability exists because remote calls bypass permission checks, leading to full system compromise."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:04.654Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-42452",
"datePublished": "2024-12-04T01:06:04.654Z",
"dateReserved": "2024-08-02T01:04:07.984Z",
"dateUpdated": "2024-12-04T16:03:26.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29850 (GCVE-0-2024-29850)
Vulnerability from cvelistv5
Published
2024-05-22 22:55
Modified
2024-09-19 01:50
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.1.2.172 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_enterprise_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "backup_enterprise_manager",
"vendor": "veeam",
"versions": [
{
"lessThan": "12.1.2.172",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T20:20:49.075903Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294 Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T01:50:51.392Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://veeam.com/kb4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThan": "12.1.2.172",
"status": "affected",
"version": "12.1.2.172",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup Enterprise Manager allows account takeover via NTLM relay."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-05-22T22:55:11.260Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://veeam.com/kb4581"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-29850",
"datePublished": "2024-05-22T22:55:11.260Z",
"dateReserved": "2024-03-21T01:04:07.089Z",
"dateUpdated": "2024-09-19T01:50:51.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40713 (GCVE-0-2024-40713)
Vulnerability from cvelistv5
Published
2024-09-07 16:11
Modified
2024-09-09 14:22
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.1.2 ≤ 12.1.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_\\\u0026_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "backup_\\\u0026_replication",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2.172",
"status": "affected",
"version": "12",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T14:20:54.568516Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T14:22:01.961Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2",
"status": "affected",
"version": "12.1.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup \u0026 Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-07T16:11:22.216Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4649"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-40713",
"datePublished": "2024-09-07T16:11:22.216Z",
"dateReserved": "2024-07-09T01:04:07.426Z",
"dateUpdated": "2024-09-09T14:22:01.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26504 (GCVE-0-2022-26504)
Vulnerability from cvelistv5
Published
2022-03-17 20:48
Modified
2024-08-03 05:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://veeam.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.veeam.com/kb4290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-17T20:51:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://veeam.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.veeam.com/kb4290"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26504",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper authentication in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://veeam.com",
"refsource": "MISC",
"url": "https://veeam.com"
},
{
"name": "https://www.veeam.com/kb4290",
"refsource": "MISC",
"url": "https://www.veeam.com/kb4290"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-26504",
"datePublished": "2022-03-17T20:48:29",
"dateReserved": "2022-03-06T00:00:00",
"dateUpdated": "2024-08-03T05:03:32.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40710 (GCVE-0-2024-40710)
Vulnerability from cvelistv5
Published
2024-09-07 16:11
Modified
2024-09-09 16:28
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords). Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within Veeam Backup & Replication.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.1.2 ≤ 12.1.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_\\\u0026_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "backup_\\\u0026_replication",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2.172",
"status": "affected",
"version": "12",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40710",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T16:24:07.727007Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T16:28:11.865Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2",
"status": "affected",
"version": "12.1.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords). Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within Veeam Backup \u0026 Replication."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-07T16:11:22.182Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4649"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-40710",
"datePublished": "2024-09-07T16:11:22.182Z",
"dateReserved": "2024-07-09T01:04:07.424Z",
"dateUpdated": "2024-09-09T16:28:11.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29851 (GCVE-0-2024-29851)
Vulnerability from cvelistv5
Published
2024-05-22 22:55
Modified
2024-09-19 01:50
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.1.2.172 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_enterprise_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "backup_enterprise_manager",
"vendor": "veeam",
"versions": [
{
"lessThan": "12.1.2.172",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29851",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:21:21.254544Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294 Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T01:50:16.524Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://veeam.com/kb4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThan": "12.1.2.172",
"status": "affected",
"version": "12.1.2.172",
"versionType": "semver"
},
{
"lessThanOrEqual": "11",
"status": "unaffected",
"version": "11",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-05-22T22:55:11.273Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://veeam.com/kb4581"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-29851",
"datePublished": "2024-05-22T22:55:11.273Z",
"dateReserved": "2024-03-21T01:04:07.089Z",
"dateUpdated": "2024-09-19T01:50:16.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35971 (GCVE-0-2021-35971)
Vulnerability from cvelistv5
Published
2021-06-30 14:28
Modified
2024-08-04 00:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.veeam.com/kb4126"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.veeam.com/kb4180"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T14:28:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.veeam.com/kb4126"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.veeam.com/kb4180"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-35971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.veeam.com/kb4126",
"refsource": "MISC",
"url": "https://www.veeam.com/kb4126"
},
{
"name": "https://www.veeam.com/kb4180",
"refsource": "MISC",
"url": "https://www.veeam.com/kb4180"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35971",
"datePublished": "2021-06-30T14:28:51",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-08-04T00:47:43.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29852 (GCVE-0-2024-29852)
Vulnerability from cvelistv5
Published
2024-05-22 22:55
Modified
2024-09-19 01:58
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.1.2.172 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_enterprise_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "backup_enterprise_manager",
"vendor": "veeam",
"versions": [
{
"lessThan": "12.1.2.172",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29852",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T01:56:57.765252Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T01:58:15.369Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://veeam.com/kb4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThan": "12.1.2.172",
"status": "affected",
"version": "12.1.2.172",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-05-22T22:55:11.272Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://veeam.com/kb4581"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-29852",
"datePublished": "2024-05-22T22:55:11.272Z",
"dateReserved": "2024-03-21T01:04:07.090Z",
"dateUpdated": "2024-09-19T01:58:15.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23121 (GCVE-0-2025-23121)
Vulnerability from cvelistv5
Published
2025-06-18 23:30
Modified
2025-06-23 16:05
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.3.1 ≤ 12.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T15:46:01.492099Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T16:05:49.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.3.1",
"status": "affected",
"version": "12.3.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user"
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T23:30:48.375Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4743"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2025-23121",
"datePublished": "2025-06-18T23:30:48.375Z",
"dateReserved": "2025-01-11T01:00:00.618Z",
"dateUpdated": "2025-06-23T16:05:49.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24286 (GCVE-0-2025-24286)
Vulnerability from cvelistv5
Published
2025-06-18 23:30
Modified
2025-06-23 16:05
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.3 ≤ 12.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24286",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T15:45:53.280982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T16:05:15.947Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.3",
"status": "affected",
"version": "12.3",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T23:30:51.882Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4743"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2025-24286",
"datePublished": "2025-06-18T23:30:51.882Z",
"dateReserved": "2025-01-17T01:00:07.457Z",
"dateUpdated": "2025-06-23T16:05:15.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39718 (GCVE-0-2024-39718)
Vulnerability from cvelistv5
Published
2024-09-07 16:11
Modified
2024-11-01 19:18
Severity ?
VLAI Severity ?
EPSS score ?
Summary
An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.1.2 ≤ 12.1.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T16:28:49.290660Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T19:18:00.417Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2",
"status": "affected",
"version": "12.1.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-07T16:11:22.180Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4649"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-39718",
"datePublished": "2024-09-07T16:11:22.180Z",
"dateReserved": "2024-06-28T01:04:08.821Z",
"dateUpdated": "2024-11-01T19:18:00.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40711 (GCVE-0-2024-40711)
Vulnerability from cvelistv5
Published
2024-09-07 16:11
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.1.2 ≤ 12.1.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_\\\u0026_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "backup_\\\u0026_replication",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.2.0.334",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40711",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-29T21:45:53.497382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-10-17",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-40711"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:33.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"url": "https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-17T00:00:00+00:00",
"value": "CVE-2024-40711 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2",
"status": "affected",
"version": "12.1.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE)."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-07T16:11:22.213Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4649"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-40711",
"datePublished": "2024-09-07T16:11:22.213Z",
"dateReserved": "2024-07-09T01:04:07.425Z",
"dateUpdated": "2025-07-30T01:36:33.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29849 (GCVE-0-2024-29849)
Vulnerability from cvelistv5
Published
2024-05-22 22:55
Modified
2024-09-19 01:38
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.1.2.172 ≤ Version: 11.0.1.1261 P20240304 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_enterprise_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "backup_enterprise_manager",
"vendor": "veeam",
"versions": [
{
"lessThan": "12.1.2.172",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29849",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T01:37:31.279055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T01:38:17.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://veeam.com/kb4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThan": "12.1.2.172",
"status": "affected",
"version": "12.1.2.172",
"versionType": "semver"
},
{
"lessThan": "11.0.1.1261 P20240304",
"status": "affected",
"version": "11.0.1.1261 P20240304",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-05-22T22:55:11.237Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://veeam.com/kb4581"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-29849",
"datePublished": "2024-05-22T22:55:11.237Z",
"dateReserved": "2024-03-21T01:04:07.089Z",
"dateUpdated": "2024-09-19T01:38:17.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26500 (GCVE-0-2022-26500)
Vulnerability from cvelistv5
Published
2022-03-17 20:56
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:33.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://veeam.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.veeam.com/kb4288"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-26500",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T14:08:12.923583Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-12-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26500"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:45.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-12-13T00:00:00+00:00",
"value": "CVE-2022-26500 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper limitation of path names in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-17T20:56:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://veeam.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.veeam.com/kb4288"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper limitation of path names in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://veeam.com",
"refsource": "MISC",
"url": "https://veeam.com"
},
{
"name": "https://www.veeam.com/kb4288",
"refsource": "MISC",
"url": "https://www.veeam.com/kb4288"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-26500",
"datePublished": "2022-03-17T20:56:44.000Z",
"dateReserved": "2022-03-06T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:37:45.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40714 (GCVE-0-2024-40714)
Vulnerability from cvelistv5
Published
2024-09-07 16:11
Modified
2024-09-09 14:03
Severity ?
VLAI Severity ?
EPSS score ?
Summary
An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.1.2 ≤ 12.1.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_\\\u0026_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "backup_\\\u0026_replication",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2.172",
"status": "affected",
"version": "12",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T14:00:23.609127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T14:03:17.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.1.2",
"status": "affected",
"version": "12.1.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-07T16:11:22.237Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4649"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-40714",
"datePublished": "2024-09-07T16:11:22.237Z",
"dateReserved": "2024-07-09T01:04:07.426Z",
"dateUpdated": "2024-09-09T14:03:17.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42456 (GCVE-0-2024-42456)
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2024-12-04 16:48
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized access, enabling the user to call privileged methods and initiate critical services. The issue arises due to insufficient permission requirements on the method, allowing users with low privileges to perform actions that should require higher-level permissions.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_and_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "backup_and_replication",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.2.0.334",
"status": "affected",
"version": "12.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42456",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:48:18.329521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:48:57.686Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized access, enabling the user to call privileged methods and initiate critical services. The issue arises due to insufficient permission requirements on the method, allowing users with low privileges to perform actions that should require higher-level permissions."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:04.627Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-42456",
"datePublished": "2024-12-04T01:06:04.627Z",
"dateReserved": "2024-08-02T01:04:07.985Z",
"dateUpdated": "2024-12-04T16:48:57.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23120 (GCVE-0-2025-23120)
Vulnerability from cvelistv5
Published
2025-03-20 15:11
Modified
2025-03-20 16:13
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability allowing remote code execution (RCE) for domain users.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup and Recovery |
Version: 12.3 ≤ 12.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23120",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T15:53:52.128095Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T16:13:01.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup and Recovery",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.3",
"status": "affected",
"version": "12.3",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability allowing remote code execution (RCE) for domain users."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T15:11:39.456Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4724"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2025-23120",
"datePublished": "2025-03-20T15:11:39.456Z",
"dateReserved": "2025-01-11T01:00:00.618Z",
"dateUpdated": "2025-03-20T16:13:01.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40717 (GCVE-0-2024-40717)
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2025-03-13 17:40
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privileges by default. The user can update a job and schedule it to run almost immediately, allowing arbitrary code execution on the server.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_and_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "backup_and_replication",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.2.0.334",
"status": "affected",
"version": "12.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:32:56.308114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T17:40:27.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privileges by default. The user can update a job and schedule it to run almost immediately, allowing arbitrary code execution on the server."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:04.636Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-40717",
"datePublished": "2024-12-04T01:06:04.636Z",
"dateReserved": "2024-07-09T01:04:07.427Z",
"dateUpdated": "2025-03-13T17:40:27.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27532 (GCVE-0-2023-27532)
Vulnerability from cvelistv5
Published
2023-03-10 00:00
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function ()
Summary
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Veeam Backup & Replication |
Version: Fixed Versions: v12 (build 12.0.0.1420 P20230223) Version: 11a (build 11.0.1.1261 P20230227) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.veeam.com/kb4424"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27532",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T21:19:54.717692Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-08-22",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27532"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:30.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2023-08-22T00:00:00+00:00",
"value": "CVE-2023-27532 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Veeam Backup \u0026 Replication",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed Versions: v12 (build 12.0.0.1420 P20230223)"
},
{
"status": "affected",
"version": "11a (build 11.0.1.1261 P20230227)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in Veeam Backup \u0026 Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function (CWE-306)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-10T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4424"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-27532",
"datePublished": "2023-03-10T00:00:00.000Z",
"dateReserved": "2023-03-02T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:37:30.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42453 (GCVE-0-2024-42453)
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2024-12-04 14:54
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. The vulnerability is caused by improper permission checks in methods accessed via management services.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:53:56.348517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T14:54:37.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability Veeam Backup \u0026 Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. The vulnerability is caused by improper permission checks in methods accessed via management services."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:04.668Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-42453",
"datePublished": "2024-12-04T01:06:04.668Z",
"dateReserved": "2024-08-02T01:04:07.985Z",
"dateUpdated": "2024-12-04T14:54:37.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15518 (GCVE-0-2020-15518)
Vulnerability from cvelistv5
Published
2020-07-03 10:58
Modified
2024-08-04 13:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:15:20.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://zwclose.github.io/veeamon"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup \u0026 Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-03T10:58:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://zwclose.github.io/veeamon"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup \u0026 Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://zwclose.github.io/veeamon",
"refsource": "MISC",
"url": "https://zwclose.github.io/veeamon"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15518",
"datePublished": "2020-07-03T10:58:45",
"dateReserved": "2020-07-03T00:00:00",
"dateUpdated": "2024-08-04T13:15:20.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42451 (GCVE-0-2024-42451)
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2024-12-04 14:53
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker's side. This exposes sensitive data, which could be used for further attacks, including unauthorized access to systems managed by the platform.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:53:37.311607Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T14:53:46.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker\u0027s side. This exposes sensitive data, which could be used for further attacks, including unauthorized access to systems managed by the platform."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:04.677Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-42451",
"datePublished": "2024-12-04T01:06:04.677Z",
"dateReserved": "2024-08-02T01:04:07.984Z",
"dateUpdated": "2024-12-04T14:53:46.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40715 (GCVE-0-2024-40715)
Vulnerability from cvelistv5
Published
2024-11-07 16:40
Modified
2025-03-25 16:53
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Enterprise Manager |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_\\\u0026_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "backup_\\\u0026_replication",
"vendor": "veeam",
"versions": [
{
"lessThan": "12.2.0.334",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40715",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T18:21:50.437469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294 Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T16:53:22.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Enterprise Manager",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T16:40:37.566Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4682"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-40715",
"datePublished": "2024-11-07T16:40:37.566Z",
"dateReserved": "2024-07-09T01:04:07.426Z",
"dateUpdated": "2025-03-25T16:53:22.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5742 (GCVE-0-2015-5742)
Vulnerability from cvelistv5
Published
2015-10-16 20:00
Modified
2024-08-06 06:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:59:04.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.veeam.com/kb2180"
},
{
"name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Oct/44"
},
{
"name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.veeam.com/kb2068"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VeeamVixProxy in Veeam Backup \u0026 Replication (B\u0026R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.veeam.com/kb2180"
},
{
"name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Oct/44"
},
{
"name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.veeam.com/kb2068"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VeeamVixProxy in Veeam Backup \u0026 Replication (B\u0026R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html"
},
{
"name": "https://www.veeam.com/kb2180",
"refsource": "CONFIRM",
"url": "https://www.veeam.com/kb2180"
},
{
"name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Oct/44"
},
{
"name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded"
},
{
"name": "http://www.veeam.com/kb2068",
"refsource": "CONFIRM",
"url": "http://www.veeam.com/kb2068"
},
{
"name": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/",
"refsource": "MISC",
"url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5742",
"datePublished": "2015-10-16T20:00:00",
"dateReserved": "2015-08-05T00:00:00",
"dateUpdated": "2024-08-06T06:59:04.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26501 (GCVE-0-2022-26501)
Vulnerability from cvelistv5
Published
2022-03-17 20:28
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://veeam.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.veeam.com/kb4288"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-26501",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T14:08:49.677711Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-12-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26501"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:46.088Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-12-13T00:00:00+00:00",
"value": "CVE-2022-26501 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup \u0026 Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-17T21:21:40.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://veeam.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.veeam.com/kb4288"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Veeam Backup \u0026 Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://veeam.com",
"refsource": "MISC",
"url": "https://veeam.com"
},
{
"name": "https://www.veeam.com/kb4288",
"refsource": "MISC",
"url": "https://www.veeam.com/kb4288"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-26501",
"datePublished": "2022-03-17T20:28:41.000Z",
"dateReserved": "2022-03-06T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:37:46.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42455 (GCVE-0-2024-42455)
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2024-12-05 10:59
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist during the deserialization process.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Veeam | Backup & Replication |
Version: 12.2 ≤ 12.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:backup_and_replication:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "backup_and_replication",
"vendor": "veeam",
"versions": [
{
"lessThanOrEqual": "12.2.0.334",
"status": "affected",
"version": "12.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42455",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T10:59:26.045567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T10:59:46.913Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Backup \u0026 Replication",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist during the deserialization process."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:04.626Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-42455",
"datePublished": "2024-12-04T01:06:04.626Z",
"dateReserved": "2024-08-02T01:04:07.985Z",
"dateUpdated": "2024-12-05T10:59:46.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-12-04 02:15
Modified
2025-04-24 17:10
Severity ?
Summary
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist during the deserialization process.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4693 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7",
"versionEndExcluding": "12.3.0.310",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist during the deserialization process."
},
{
"lang": "es",
"value": " Una vulnerabilidad en Veeam Backup \u0026amp; Replication permite que un usuario con pocos privilegios se conecte a servicios remotos y aproveche la deserializaci\u00f3n insegura mediante el env\u00edo de una colecci\u00f3n de archivos temporales serializados. Esta vulnerabilidad permite al atacante eliminar cualquier archivo del sistema con privilegios de cuenta de servicio. La vulnerabilidad se debe a una lista negra insuficiente durante el proceso de deserializaci\u00f3n."
}
],
"id": "CVE-2024-42455",
"lastModified": "2025-04-24T17:10:10.817",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-04T02:15:04.937",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4693"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-06-19 00:15
Modified
2025-07-16 18:54
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4743 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8A082E-1B7E-4832-A447-96D2FFFB30A1",
"versionEndExcluding": "12.3.2.3617",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code."
},
{
"lang": "es",
"value": "Una vulnerabilidad que permite a un usuario autenticado con el rol de Operador de respaldo modificar trabajos de respaldo, lo que podr\u00eda ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2025-24286",
"lastModified": "2025-07-16T18:54:49.457",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-06-19T00:15:22.093",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4743"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-07 17:15
Modified
2025-05-01 18:13
Severity ?
Summary
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords). Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within Veeam Backup & Replication.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "558CF39E-DE64-41D4-A99E-74BCA1490CDB",
"versionEndExcluding": "12.2.0.334",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords). Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within Veeam Backup \u0026 Replication."
},
{
"lang": "es",
"value": "Una serie de vulnerabilidades relacionadas de alta gravedad, la m\u00e1s notable de las cuales permite la ejecuci\u00f3n remota de c\u00f3digo (RCE) como cuenta de servicio y la extracci\u00f3n de informaci\u00f3n confidencial (credenciales y contrase\u00f1as guardadas). Para explotar estas vulnerabilidades se requiere un usuario al que se le haya asignado un rol con pocos privilegios dentro de Veeam Backup \u0026amp; Replication"
}
],
"id": "CVE-2024-40710",
"lastModified": "2025-05-01T18:13:16.443",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-07T17:15:13.110",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4649"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-04 02:15
Modified
2025-04-24 17:08
Severity ?
Summary
A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4693 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7",
"versionEndExcluding": "12.3.0.310",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Veeam Backup \u0026amp; Replication permite a los usuarios con determinados roles de operador exponer las credenciales guardadas aprovechando una combinaci\u00f3n de m\u00e9todos en una interfaz de gesti\u00f3n remota. Esto se puede lograr utilizando un objeto de sesi\u00f3n que permite la enumeraci\u00f3n y explotaci\u00f3n de credenciales, lo que lleva a la filtraci\u00f3n de credenciales de texto sin formato a un host malicioso. El ataque se facilita mediante el uso indebido de un m\u00e9todo que permite a los operadores agregar un nuevo host con una IP controlada por el atacante, lo que les permite recuperar credenciales confidenciales en texto plano."
}
],
"id": "CVE-2024-42457",
"lastModified": "2025-04-24T17:08:34.490",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-04T02:15:05.133",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4693"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-07 17:15
Modified
2025-05-01 18:17
Severity ?
Summary
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "558CF39E-DE64-41D4-A99E-74BCA1490CDB",
"versionEndExcluding": "12.2.0.334",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup \u0026 Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA."
},
{
"lang": "es",
"value": "Una vulnerabilidad que permite a un usuario al que se le ha asignado un rol con pocos privilegios dentro de Veeam Backup \u0026amp; Replication alterar la configuraci\u00f3n de autenticaci\u00f3n multifactor (MFA) y omitirla."
}
],
"id": "CVE-2024-40713",
"lastModified": "2025-05-01T18:17:17.203",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-07T17:15:13.550",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4649"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-22 23:15
Modified
2025-07-03 16:13
Severity ?
Summary
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://veeam.com/kb4581 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com/kb4581 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7526D5A9-9B64-44E8-BA07-D2BA84E410D2",
"versionEndExcluding": "12.1.2.172",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup Enterprise Manager allows account takeover via NTLM relay."
},
{
"lang": "es",
"value": "Veeam Backup Enterprise Manager permite la adquisici\u00f3n de cuentas a trav\u00e9s de retransmisi\u00f3n NTLM."
}
],
"id": "CVE-2024-29850",
"lastModified": "2025-07-03T16:13:04.360",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
]
},
"published": "2024-05-22T23:15:08.857",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com/kb4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com/kb4581"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-04 02:15
Modified
2025-04-24 17:09
Severity ?
Summary
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized access, enabling the user to call privileged methods and initiate critical services. The issue arises due to insufficient permission requirements on the method, allowing users with low privileges to perform actions that should require higher-level permissions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4693 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7",
"versionEndExcluding": "12.3.0.310",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized access, enabling the user to call privileged methods and initiate critical services. The issue arises due to insufficient permission requirements on the method, allowing users with low privileges to perform actions that should require higher-level permissions."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la plataforma Veeam Backup \u0026amp; Replication permite que un usuario con pocos privilegios y un rol espec\u00edfico aproveche un m\u00e9todo que actualiza ajustes de configuraci\u00f3n cr\u00edticos, como modificar el certificado de cliente de confianza utilizado para la autenticaci\u00f3n en un puerto espec\u00edfico. Esto puede generar un acceso no autorizado, lo que permite al usuario llamar a m\u00e9todos privilegiados e iniciar servicios cr\u00edticos. El problema surge debido a que no se cumplen los requisitos de permisos suficientes en el m\u00e9todo, lo que permite que los usuarios con pocos privilegios realicen acciones que deber\u00edan requerir permisos de nivel superior."
}
],
"id": "CVE-2024-42456",
"lastModified": "2025-04-24T17:09:48.047",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-04T02:15:05.033",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4693"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-16 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF6BD83-42F2-4EA9-8291-7D15338367C5",
"versionEndIncluding": "8.0.0.2030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VeeamVixProxy in Veeam Backup \u0026 Replication (B\u0026R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files."
},
{
"lang": "es",
"value": "VeeamVixProxy en Veeam Backup \u0026 Replication (B\u0026R) en versiones anteriores a 8.0 update 3 almacena credenciales de administrador local en archivos de log con permisos de lectura para todos, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de archivos."
}
],
"id": "CVE-2015-5742",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-16T20:59:12.590",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2015/Oct/44"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.veeam.com/kb2068"
},
{
"source": "cve@mitre.org",
"url": "https://www.veeam.com/kb2180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2015/Oct/44"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.veeam.com/kb2068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.veeam.com/kb2180"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-17 21:15
Modified
2024-11-21 06:54
Severity ?
Summary
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://veeam.com | Vendor Advisory | |
| cve@mitre.org | https://www.veeam.com/kb4290 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4290 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * | |
| veeam | veeam_backup_\&_replication | * | |
| veeam | veeam_backup_\&_replication | 9.5.0.1536 | |
| veeam | veeam_backup_\&_replication | 9.5.4.2615 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "837D781D-E21B-458C-8D4A-59949CE4D580",
"versionEndExcluding": "10.0.1.4854",
"versionStartIncluding": "10.0.0.4442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0C1BCB-A018-4425-AC3D-0CE6EAEF372F",
"versionEndExcluding": "11.0.1.1261",
"versionStartIncluding": "11.0.0.825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:9.5.0.1536:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC7D0C1-0A10-4704-B8A0-ADFB8B2BA1BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:9.5.4.2615:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5BA0C4-F689-4B0E-BBB5-051DEDF40721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:-:*:*:*:*:*:*",
"matchCriteriaId": "12E8F01F-4E41-46F0-94BC-DD5174DDF393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20201202:*:*:*:*:*:*",
"matchCriteriaId": "E0417823-7418-4294-BE57-0304772DFE39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20210609:*:*:*:*:*:*",
"matchCriteriaId": "06BE9B78-075C-48E6-817A-5E0A89983EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20220304:*:*:*:*:*:*",
"matchCriteriaId": "0209ABC3-BF7B-4051-A836-9F9A650B3582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*",
"matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*",
"matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*",
"matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20220302:*:*:*:*:*:*",
"matchCriteriaId": "0F5A2E58-F9C3-4A65-A83B-C86C970A01D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe"
},
{
"lang": "es",
"value": "Una autenticaci\u00f3n inapropiada en Veeam Backup \u0026amp; Replication versiones 9.5U3, 9.5U4,10.x y 11.x, componente usado para Microsoft System Center Virtual Machine Manager (SCVMM) permite a atacantes ejecutar c\u00f3digo arbitrario por medio del archivo Veeam.Backup.PSManager.exe"
}
],
"id": "CVE-2022-26504",
"lastModified": "2024-11-21T06:54:04.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-17T21:15:08.273",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4290"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-07 17:15
Modified
2024-12-20 16:35
Severity ?
Summary
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4649 | Vendor Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"cisaActionDue": "2024-11-07",
"cisaExploitAdd": "2024-10-17",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Veeam Backup and Replication Deserialization Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AD538F-6D77-4528-9BD8-C06E1CD65354",
"versionEndExcluding": "12.2.0.334",
"versionStartIncluding": "12.0.0.1420",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE)."
},
{
"lang": "es",
"value": "Una vulnerabilidad de deserializaci\u00f3n de datos no confiables con un payload malicioso puede permitir una ejecuci\u00f3n remota de c\u00f3digo no autenticada (RCE)."
}
],
"id": "CVE-2024-40711",
"lastModified": "2024-12-20T16:35:59.103",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-07T17:15:13.260",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4649"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-17 21:15
Modified
2025-04-04 17:53
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://veeam.com | Vendor Advisory | |
| cve@mitre.org | https://www.veeam.com/kb4288 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4288 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * | |
| veeam | veeam_backup_\&_replication | * | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 |
{
"cisaActionDue": "2023-01-03",
"cisaExploitAdd": "2022-12-13",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Veeam Backup \u0026 Replication Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "837D781D-E21B-458C-8D4A-59949CE4D580",
"versionEndExcluding": "10.0.1.4854",
"versionStartIncluding": "10.0.0.4442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0C1BCB-A018-4425-AC3D-0CE6EAEF372F",
"versionEndExcluding": "11.0.1.1261",
"versionStartIncluding": "11.0.0.825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:-:*:*:*:*:*:*",
"matchCriteriaId": "12E8F01F-4E41-46F0-94BC-DD5174DDF393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20201202:*:*:*:*:*:*",
"matchCriteriaId": "E0417823-7418-4294-BE57-0304772DFE39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20210609:*:*:*:*:*:*",
"matchCriteriaId": "06BE9B78-075C-48E6-817A-5E0A89983EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*",
"matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*",
"matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*",
"matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup \u0026 Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2)."
},
{
"lang": "es",
"value": "Veeam Backup \u0026amp; Replication versiones 10.x y 11.x, presenta un Control de Acceso Incorrecto (problema 1 de 2)"
}
],
"id": "CVE-2022-26501",
"lastModified": "2025-04-04T17:53:23.537",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-03-17T21:15:08.233",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4288"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-10 22:15
Modified
2025-03-13 19:36
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4424 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4424 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 12.0.0.1420 |
{
"cisaActionDue": "2023-09-12",
"cisaExploitAdd": "2023-08-22",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Veeam Backup \u0026 Replication Cloud Connect Missing Authentication for Critical Function Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD9FAE2-4E62-41AC-85EC-5793FD30A3AD",
"versionEndExcluding": "11.0.1.1261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*",
"matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*",
"matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*",
"matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20220302:*:*:*:*:*:*",
"matchCriteriaId": "0F5A2E58-F9C3-4A65-A83B-C86C970A01D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:12.0.0.1420:-:*:*:*:*:*:*",
"matchCriteriaId": "CA570EC1-4A95-4AD3-8E8C-087769F95F02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in Veeam Backup \u0026 Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts."
}
],
"id": "CVE-2023-27532",
"lastModified": "2025-03-13T19:36:27.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-03-10T22:15:10.557",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4424"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-22 23:15
Modified
2025-07-03 16:11
Severity ?
Summary
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://veeam.com/kb4581 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com/kb4581 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7526D5A9-9B64-44E8-BA07-D2BA84E410D2",
"versionEndExcluding": "12.1.2.172",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account."
},
{
"lang": "es",
"value": "Veeam Backup Enterprise Manager permite a los usuarios con altos privilegios robar el hash NTLM de la cuenta de servicio de Enterprise Manager."
}
],
"id": "CVE-2024-29851",
"lastModified": "2025-07-03T16:11:32.280",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
]
},
"published": "2024-05-22T23:15:09.027",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com/kb4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com/kb4581"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-04 02:15
Modified
2025-04-24 17:20
Severity ?
Summary
A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker's side. This exposes sensitive data, which could be used for further attacks, including unauthorized access to systems managed by the platform.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4693 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7",
"versionEndExcluding": "12.3.0.310",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker\u0027s side. This exposes sensitive data, which could be used for further attacks, including unauthorized access to systems managed by the platform."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Veeam Backup \u0026amp; Replication permite a los usuarios con pocos privilegios filtrar todas las credenciales guardadas en texto plano. Esto se logra llamando a una serie de m\u00e9todos a trav\u00e9s de un protocolo externo y, en \u00faltima instancia, recuperando las credenciales mediante una configuraci\u00f3n maliciosa del lado del atacante. Esto expone datos confidenciales, que podr\u00edan usarse para otros ataques, incluido el acceso no autorizado a los sistemas administrados por la plataforma."
}
],
"id": "CVE-2024-42451",
"lastModified": "2025-04-24T17:20:53.130",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-04T02:15:04.643",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4693"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
},
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-03 11:15
Modified
2024-11-21 05:05
Severity ?
Summary
VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://zwclose.github.io/veeamon | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://zwclose.github.io/veeamon | Exploit, Technical Description, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_availability_suite | * | |
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_availability_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27486AF3-4E86-4ABC-B227-518697CB022E",
"versionEndExcluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FAF796D-3A88-4D85-B1EC-97919DE740DC",
"versionEndExcluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup \u0026 Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests."
},
{
"lang": "es",
"value": "La biblioteca VeeamFSR.sys en Veeam Availability Suite versiones anteriores a 10 y Veeam Backup \u0026amp; Replication versiones anteriores a 10, no posee una DACL de objeto de dispositivo, lo que permite a usuarios no privilegiados alcanzar un control total sobre las peticiones I/O del sistema de archivos"
}
],
"id": "CVE-2020-15518",
"lastModified": "2024-11-21T05:05:41.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-03T11:15:10.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://zwclose.github.io/veeamon"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://zwclose.github.io/veeamon"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-17 21:15
Modified
2025-04-03 18:54
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://veeam.com | Vendor Advisory | |
| cve@mitre.org | https://www.veeam.com/kb4288 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4288 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * | |
| veeam | veeam_backup_\&_replication | * | |
| veeam | veeam_backup_\&_replication | 9.5.0.1536 | |
| veeam | veeam_backup_\&_replication | 9.5.4.2615 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
| veeam | veeam_backup_\&_replication | 11.0.1.1261 |
{
"cisaActionDue": "2023-01-03",
"cisaExploitAdd": "2022-12-13",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Veeam Backup \u0026 Replication Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "837D781D-E21B-458C-8D4A-59949CE4D580",
"versionEndExcluding": "10.0.1.4854",
"versionStartIncluding": "10.0.0.4442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0C1BCB-A018-4425-AC3D-0CE6EAEF372F",
"versionEndExcluding": "11.0.1.1261",
"versionStartIncluding": "11.0.0.825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:9.5.0.1536:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC7D0C1-0A10-4704-B8A0-ADFB8B2BA1BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:9.5.4.2615:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5BA0C4-F689-4B0E-BBB5-051DEDF40721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:-:*:*:*:*:*:*",
"matchCriteriaId": "12E8F01F-4E41-46F0-94BC-DD5174DDF393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20201202:*:*:*:*:*:*",
"matchCriteriaId": "E0417823-7418-4294-BE57-0304772DFE39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20210609:*:*:*:*:*:*",
"matchCriteriaId": "06BE9B78-075C-48E6-817A-5E0A89983EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*",
"matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*",
"matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*",
"matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper limitation of path names in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code."
},
{
"lang": "es",
"value": "Una limitaci\u00f3n inapropiada de los nombres de las rutas en Veeam Backup \u0026amp; Replication versiones 9.5U3, 9.5U4,10.x y 11.x, permite a usuarios remotos autenticados acceder a funciones internas de la API que permiten a atacantes cargar y ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2022-26500",
"lastModified": "2025-04-03T18:54:21.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-03-17T21:15:08.193",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4288"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-07 17:15
Modified
2025-07-11 13:57
Severity ?
Summary
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4682 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "558CF39E-DE64-41D4-A99E-74BCA1490CDB",
"versionEndExcluding": "12.2.0.334",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Veeam Backup \u0026amp; Replication Enterprise Manager que permite a los atacantes eludir la autenticaci\u00f3n. Los atacantes deben poder realizar un ataque Man-in-the-Middle (MITM) para aprovechar esta vulnerabilidad."
}
],
"id": "CVE-2024-40715",
"lastModified": "2025-07-11T13:57:02.997",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.5,
"source": "support@hackerone.com",
"type": "Secondary"
}
]
},
"published": "2024-11-07T17:15:08.083",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4682"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-03-20 16:15
Modified
2025-04-02 16:01
Severity ?
Summary
A vulnerability allowing remote code execution (RCE) for domain users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA5FCEB-9C3E-4C3E-B98A-91C25BC4FCB5",
"versionEndExcluding": "12.3.1.1139",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability allowing remote code execution (RCE) for domain users."
},
{
"lang": "es",
"value": "Una vulnerabilidad que permite la ejecuci\u00f3n remota de c\u00f3digo (RCE) para usuarios del dominio."
}
],
"id": "CVE-2025-23120",
"lastModified": "2025-04-02T16:01:20.857",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-03-20T16:15:16.380",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4724"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-07 17:15
Modified
2025-05-01 18:17
Severity ?
Summary
A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege escalation (LPE).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "558CF39E-DE64-41D4-A99E-74BCA1490CDB",
"versionEndExcluding": "12.2.0.334",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege escalation (LPE)."
},
{
"lang": "es",
"value": "Una vulnerabilidad de path traversal permite que un atacante con una cuenta con pocos privilegios y acceso local al sistema realice una escalada de privilegios local (LPE)."
}
],
"id": "CVE-2024-40712",
"lastModified": "2025-05-01T18:17:14.087",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-07T17:15:13.410",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4649"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-07 17:15
Modified
2025-05-08 14:41
Severity ?
Summary
An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B63D2366-592B-4D4D-A119-62149B615FAE",
"versionEndExcluding": "12.2.0.334",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account."
},
{
"lang": "es",
"value": "Una vulnerabilidad de validaci\u00f3n de entrada incorrecta que permite a un usuario con pocos privilegios eliminar de forma remota archivos del sistema con permisos equivalentes a los de la cuenta de servicio."
}
],
"id": "CVE-2024-39718",
"lastModified": "2025-05-08T14:41:42.840",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-07T17:15:12.807",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4649"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-04 02:15
Modified
2025-04-24 17:20
Severity ?
Summary
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability exists because remote calls bypass permission checks, leading to full system compromise.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4693 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7",
"versionEndExcluding": "12.3.0.310",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability exists because remote calls bypass permission checks, leading to full system compromise."
},
{
"lang": "es",
"value": " Una vulnerabilidad en Veeam Backup \u0026amp; Replication permite a un usuario con pocos privilegios iniciar un agente de forma remota en modo servidor y obtener credenciales, lo que aumenta los privilegios a nivel de sistema. Esto permite al atacante cargar archivos al servidor con privilegios elevados. La vulnerabilidad existe porque las llamadas remotas eluden las comprobaciones de permisos, lo que lleva a un compromiso total del sistema."
}
],
"id": "CVE-2024-42452",
"lastModified": "2025-04-24T17:20:29.923",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-04T02:15:04.747",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4693"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-04 02:15
Modified
2025-04-24 17:11
Severity ?
Summary
A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. The vulnerability is caused by improper permission checks in methods accessed via management services.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4693 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7",
"versionEndExcluding": "12.3.0.310",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability Veeam Backup \u0026 Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. The vulnerability is caused by improper permission checks in methods accessed via management services."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Veeam Backup \u0026amp; Replication permite a los usuarios con pocos privilegios controlar y modificar las configuraciones de los hosts de infraestructura virtual conectados. Esto incluye la capacidad de apagar m\u00e1quinas virtuales, eliminar archivos del almacenamiento y realizar cambios de configuraci\u00f3n, lo que puede provocar denegaci\u00f3n de servicio (DoS) y problemas de integridad de los datos. La vulnerabilidad se debe a comprobaciones de permisos incorrectas en los m\u00e9todos a los que se accede a trav\u00e9s de los servicios de administraci\u00f3n."
}
],
"id": "CVE-2024-42453",
"lastModified": "2025-04-24T17:11:34.860",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 3.7,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-04T02:15:04.837",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4693"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-04 02:15
Modified
2025-04-24 16:59
Severity ?
Summary
A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potentially leading to broader security vulnerabilities.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4693 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7",
"versionEndExcluding": "12.3.0.310",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potentially leading to broader security vulnerabilities."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad en la que un usuario con pocos privilegios puede aprovechar la falta de permisos en el manejo de credenciales para filtrar hashes NTLM de credenciales guardadas. La explotaci\u00f3n implica el uso de credenciales recuperadas para exponer hashes NTLM confidenciales, lo que afecta a sistemas m\u00e1s all\u00e1 del objetivo inicial y puede generar vulnerabilidades de seguridad m\u00e1s amplias."
}
],
"id": "CVE-2024-45204",
"lastModified": "2025-04-24T16:59:33.837",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-04T02:15:05.233",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4693"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-07 17:15
Modified
2025-05-01 18:17
Severity ?
Summary
An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4649 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "558CF39E-DE64-41D4-A99E-74BCA1490CDB",
"versionEndExcluding": "12.2.0.334",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations."
},
{
"lang": "es",
"value": "Una vulnerabilidad de validaci\u00f3n de certificado incorrecta en la validaci\u00f3n de certificados TLS permite que un atacante en la misma red intercepte credenciales confidenciales durante las operaciones de restauraci\u00f3n."
}
],
"id": "CVE-2024-40714",
"lastModified": "2025-05-01T18:17:19.890",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-07T17:15:13.690",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4649"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-04 02:15
Modified
2025-04-24 17:21
Severity ?
Summary
A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privileges by default. The user can update a job and schedule it to run almost immediately, allowing arbitrary code execution on the server.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4693 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7",
"versionEndExcluding": "12.3.0.310",
"versionStartIncluding": "12.0.0.1402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Veeam Backup \u0026 Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privileges by default. The user can update a job and schedule it to run almost immediately, allowing arbitrary code execution on the server."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Veeam Backup \u0026amp; Replication permite que un usuario con pocos privilegios y determinados roles realice una ejecuci\u00f3n remota de c\u00f3digo (RCE) mediante la actualizaci\u00f3n de trabajos existentes. Estos trabajos se pueden configurar para ejecutar scripts previos y posteriores, que pueden estar ubicados en un recurso compartido de red y se ejecutan con privilegios elevados de forma predeterminada. El usuario puede actualizar un trabajo y programarlo para que se ejecute casi de inmediato, lo que permite la ejecuci\u00f3n de c\u00f3digo arbitrario en el servidor."
}
],
"id": "CVE-2024-40717",
"lastModified": "2025-04-24T17:21:39.267",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-04T02:15:04.410",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4693"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-22 23:15
Modified
2025-07-03 16:14
Severity ?
Summary
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://veeam.com/kb4581 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com/kb4581 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7526D5A9-9B64-44E8-BA07-D2BA84E410D2",
"versionEndExcluding": "12.1.2.172",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface."
},
{
"lang": "es",
"value": "Veeam Backup Enterprise Manager permite a los usuarios no autenticados iniciar sesi\u00f3n como cualquier usuario en la interfaz web del administrador empresarial."
}
],
"id": "CVE-2024-29849",
"lastModified": "2025-07-03T16:14:42.933",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "support@hackerone.com",
"type": "Secondary"
}
]
},
"published": "2024-05-22T23:15:08.683",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com/kb4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com/kb4581"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-06-19 00:15
Modified
2025-07-15 14:01
Severity ?
Summary
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://www.veeam.com/kb4743 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8A082E-1B7E-4832-A447-96D2FFFB30A1",
"versionEndExcluding": "12.3.2.3617",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user"
},
{
"lang": "es",
"value": "Una vulnerabilidad que permite la ejecuci\u00f3n remota de c\u00f3digo (RCE) en el servidor de respaldo por parte de un usuario de dominio autenticado"
}
],
"id": "CVE-2025-23121",
"lastModified": "2025-07-15T14:01:16.960",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-06-19T00:15:21.260",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4743"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-22 23:15
Modified
2025-07-03 15:48
Severity ?
Summary
Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://veeam.com/kb4581 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com/kb4581 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7526D5A9-9B64-44E8-BA07-D2BA84E410D2",
"versionEndExcluding": "12.1.2.172",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs."
},
{
"lang": "es",
"value": "Veeam Backup Enterprise Manager permite a los usuarios con altos privilegios leer registros de sesiones de respaldo."
}
],
"id": "CVE-2024-29852",
"lastModified": "2025-07-03T15:48:06.303",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "support@hackerone.com",
"type": "Secondary"
}
]
},
"published": "2024-05-22T23:15:09.193",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com/kb4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://veeam.com/kb4581"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-280"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 15:15
Modified
2024-11-21 06:12
Severity ?
Summary
Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.veeam.com/kb4126 | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://www.veeam.com/kb4180 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4126 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4180 | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| veeam | veeam_backup_\&_replication | * | |
| veeam | veeam_backup_\&_replication | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "222F0382-0C41-4AF1-83E6-217CFDC6B148",
"versionEndExcluding": "10.0.1.4854",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63AE8555-9E8A-4BB3-8DFC-4596A648CD11",
"versionEndExcluding": "11.0.0.837",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting."
},
{
"lang": "es",
"value": "Veeam Backup and Replication versiones 10 anteriores a 10.0.1.4854 P20210609 y versiones 11 anteriores a 11.0.0.837 P20210507, maneja inapropiadamente la deserializaci\u00f3n durante el remoting de Microsoft .NET"
}
],
"id": "CVE-2021-35971",
"lastModified": "2024-11-21T06:12:51.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T15:15:10.563",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4126"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.veeam.com/kb4180"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}