CVE-2024-40714
- EPSS 0.53%
- Veröffentlicht 07.09.2024 17:15:13
- Zuletzt bearbeitet 01.05.2025 18:17:19
An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations.
CVE-2024-40713
- EPSS 0.03%
- Veröffentlicht 07.09.2024 17:15:13
- Zuletzt bearbeitet 01.05.2025 18:17:17
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA.
CVE-2024-40712
- EPSS 0.34%
- Veröffentlicht 07.09.2024 17:15:13
- Zuletzt bearbeitet 01.05.2025 18:17:14
A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege escalation (LPE).
CVE-2024-40710
- EPSS 9.11%
- Veröffentlicht 07.09.2024 17:15:13
- Zuletzt bearbeitet 01.05.2025 18:13:16
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords). Exploiting these vulnerabilities requires a user...
CVE-2024-29852
- EPSS 0.33%
- Veröffentlicht 22.05.2024 23:15:09
- Zuletzt bearbeitet 03.07.2025 15:48:06
Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs.
CVE-2024-29851
- EPSS 0.4%
- Veröffentlicht 22.05.2024 23:15:09
- Zuletzt bearbeitet 03.07.2025 16:11:32
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
CVE-2024-29849
- EPSS 53.62%
- Veröffentlicht 22.05.2024 23:15:08
- Zuletzt bearbeitet 03.07.2025 16:14:42
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
CVE-2024-29850
- EPSS 0.58%
- Veröffentlicht 22.05.2024 23:15:08
- Zuletzt bearbeitet 03.07.2025 16:13:04
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.