A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.veeam.com/kb4693 |
History
Wed, 04 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-522 | |
Metrics |
ssvc
|
Wed, 04 Dec 2024 01:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext. | |
References |
| |
Metrics |
cvssV3_0
|
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2024-12-04T01:06:04.658Z
Updated: 2024-12-04T16:00:32.213Z
Reserved: 2024-08-02T01:04:07.985Z
Link: CVE-2024-42457
Vulnrichment
Updated: 2024-12-04T15:59:08.922Z
NVD
Status : Received
Published: 2024-12-04T02:15:05.133
Modified: 2024-12-04T16:15:25.450
Link: CVE-2024-42457
Redhat
No data.