Veeam: Security Vulnerabilities
Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator
CVSS Score
9.0
EPSS Score
0.195
Published
2024-06-11
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
CVSS Score
7.2
EPSS Score
0.004
Published
2024-05-22
Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs.
CVSS Score
2.7
EPSS Score
0.003
Published
2024-05-22
An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-05-22
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
CVSS Score
9.8
EPSS Score
0.536
Published
2024-05-22
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
CVSS Score
8.8
EPSS Score
0.006
Published
2024-05-22
Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine.
CVSS Score
9.9
EPSS Score
0.279
Published
2024-05-14
Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a Scope other than the one they are assigned to.
CVSS Score
6.5
EPSS Score
0.003
Published
2024-02-07
Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service.
CVSS Score
8.8
EPSS Score
0.006
Published
2024-02-07
A vulnerability in Veeam ONE allows a user with the Veeam ONE Read-Only User role to view the Dashboard Schedule. Note: The criticality of this vulnerability is reduced because the user with the Read-Only role is only able to view the schedule and cannot make changes.
CVSS Score
4.3
EPSS Score
0.014
Published
2023-11-07