9
CVE-2022-26504
- EPSS 0.44%
- Veröffentlicht 17.03.2022 21:15:08
- Zuletzt bearbeitet 21.11.2024 06:54:04
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginImproper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Veeam ≫ Veeam Backup & Replication Version >= 10.0.0.4442 < 10.0.1.4854
Veeam ≫ Veeam Backup & Replication Version >= 11.0.0.825 < 11.0.1.1261
Veeam ≫ Veeam Backup & Replication Version9.5.0.1536
Veeam ≫ Veeam Backup & Replication Version9.5.4.2615
Veeam ≫ Veeam Backup & Replication Version10.0.1.4854 Update-
Veeam ≫ Veeam Backup & Replication Version10.0.1.4854 Updatep20201202
Veeam ≫ Veeam Backup & Replication Version10.0.1.4854 Updatep20210609
Veeam ≫ Veeam Backup & Replication Version10.0.1.4854 Updatep20220304
Veeam ≫ Veeam Backup & Replication Version11.0.1.1261 Update-
Veeam ≫ Veeam Backup & Replication Version11.0.1.1261 Updatep20211123
Veeam ≫ Veeam Backup & Replication Version11.0.1.1261 Updatep20211211
Veeam ≫ Veeam Backup & Replication Version11.0.1.1261 Updatep20220302
16.03.2022: CERT.at Warnung
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.44% | 0.625 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.