A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext.
References
History

Wed, 04 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-522
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 04 Dec 2024 01:45:00 +0000

Type Values Removed Values Added
Description A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext.
References
Metrics cvssV3_0

{'score': 7.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2024-12-04T01:06:04.658Z

Updated: 2024-12-04T16:00:32.213Z

Reserved: 2024-08-02T01:04:07.985Z

Link: CVE-2024-42457

cve-icon Vulnrichment

Updated: 2024-12-04T15:59:08.922Z

cve-icon NVD

Status : Received

Published: 2024-12-04T02:15:05.133

Modified: 2024-12-04T16:15:25.450

Link: CVE-2024-42457

cve-icon Redhat

No data.