Filtered by vendor Veeam
Subscriptions
Filtered by product Backup \& Replication
Subscriptions
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-40711 | 1 Veeam | 2 Backup \& Replication, Veeam Backup \& Replication | 2024-12-20 | 9.8 Critical |
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). | ||||
CVE-2024-40715 | 1 Veeam | 1 Backup \& Replication | 2024-11-08 | N/A |
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability. | ||||
CVE-2024-40710 | 1 Veeam | 1 Backup \& Replication | 2024-09-09 | N/A |
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords). Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within Veeam Backup & Replication. | ||||
CVE-2024-40712 | 1 Veeam | 1 Backup \& Replication | 2024-09-09 | N/A |
A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege escalation (LPE). | ||||
CVE-2024-40713 | 1 Veeam | 1 Backup \& Replication | 2024-09-09 | N/A |
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA. | ||||
CVE-2024-40714 | 1 Veeam | 1 Backup \& Replication | 2024-09-09 | N/A |
An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations. |
Page 1 of 1.