Veeam: >> Veeam Service Provider Console Security Vulnerabilities
A vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbitrary HTTP requests to arbitrary hosts of the network and get information about internal resources.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-12-04
Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine.
CVSS Score
9.9
EPSS Score
0.226
Published
2024-05-14