Vulnerability Details CVE-2024-29212
Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.226
EPSS Ranking 95.6%
CVSS Severity
CVSS v3 Score 9.9
Products affected by CVE-2024-29212
-
cpe:2.3:a:veeam:veeam_service_provider_console:*