CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-42453

A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. The vulnerability is caused by improper permission checks in methods accessed via management services.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.9%

CVSS Severity

CVSS v3 Score 7.4

References

https://www.veeam.com/kb4693

Products affected by CVE-2024-42453

Veeam » Veeam Backup & Replication » Version: 12.0.0.1420

cpe:2.3:a:veeam:veeam_backup_&_replication:12.0.0.1420
Veeam » Veeam Backup & Replication » Version: 12.1.0.2131

cpe:2.3:a:veeam:veeam_backup_&_replication:12.1.0.2131
Veeam » Veeam Backup & Replication » Version: 12.1.1.56

cpe:2.3:a:veeam:veeam_backup_&_replication:12.1.1.56
Veeam » Veeam Backup & Replication » Version: 12.1.2.172

cpe:2.3:a:veeam:veeam_backup_&_replication:12.1.2.172
Veeam » Veeam Backup & Replication » Version: 12.2.0.334

cpe:2.3:a:veeam:veeam_backup_&_replication:12.2.0.334

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-42453

Products

Pricing

Contact Us