Vulnerability Details CVE-2024-40713
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.9%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2024-40713
-
cpe:2.3:a:veeam:veeam_backup_&_replication:10.0
-
cpe:2.3:a:veeam:veeam_backup_&_replication:10.0.0.4442
-
cpe:2.3:a:veeam:veeam_backup_&_replication:10.0.0.4461
-
cpe:2.3:a:veeam:veeam_backup_&_replication:10.0.1.4848
-
cpe:2.3:a:veeam:veeam_backup_&_replication:10.0.1.4854
-
cpe:2.3:a:veeam:veeam_backup_&_replication:11.0
-
cpe:2.3:a:veeam:veeam_backup_&_replication:11.0.0.825
-
cpe:2.3:a:veeam:veeam_backup_&_replication:11.0.0.837
-
cpe:2.3:a:veeam:veeam_backup_&_replication:11.0.1.1261
-
cpe:2.3:a:veeam:veeam_backup_&_replication:12.0.0.1420
-
cpe:2.3:a:veeam:veeam_backup_&_replication:12.1.0.2131
-
cpe:2.3:a:veeam:veeam_backup_&_replication:12.1.1.56
-
cpe:2.3:a:veeam:veeam_backup_&_replication:12.1.2.172
-
cpe:2.3:a:veeam:veeam_backup_&_replication:5.0.2.230
-
cpe:2.3:a:veeam:veeam_backup_&_replication:8.0.0.2030
-
cpe:2.3:a:veeam:veeam_backup_&_replication:9.5.0.1536
-
cpe:2.3:a:veeam:veeam_backup_&_replication:9.5.4.2615