Unrated severityNVD Advisory· Published Dec 4, 2024· Updated Dec 4, 2024
CVE-2024-42452
CVE-2024-42452
Description
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability exists because remote calls bypass permission checks, leading to full system compromise.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 12.2
Patches
Vulnerability mechanics
References
1- www.veeam.com/kb4693mitre
News mentions
0No linked articles in our index yet.