Veeam Backup & Replication
by Veeam
CVEs (35)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42457 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and… |
| CVE-2024-42452 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges.… |
| CVE-2024-40717 | | | 0.00 | — | 0.01 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed… |
| CVE-2024-42456 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result… |
| CVE-2024-42455 | | | 0.00 | — | 0.14 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service… |
| CVE-2024-40713 | | | 0.00 | — | 0.00 | | Sep 7, 2024 | A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA. |
| CVE-2024-40710 | | | 0.00 | — | 0.01 | | Sep 7, 2024 | A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (saved credentials and passwords). Exploiting these vulnerabilities requires a user who has been assigned a… |
| CVE-2024-42019 | | | 0.00 | — | 0.01 | | Sep 7, 2024 | A vulnerability that allows an attacker to access the NTLM hash of the Veeam Reporter Service service account. This attack requires user interaction and data collected from Veeam Backup & Replication. |
| CVE-2024-29851 | | | 0.00 | — | 0.01 | | May 22, 2024 | Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise Manager service account. |
| CVE-2024-29852 | | | 0.00 | — | 0.01 | | May 22, 2024 | Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs. |
| CVE-2024-29850 | | | 0.00 | — | 0.01 | | May 22, 2024 | Veeam Backup Enterprise Manager allows account takeover via NTLM relay. |
| CVE-2022-26504 | | | 0.00 | — | 0.02 | | Mar 17, 2022 | Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers to execute arbitrary code via Veeam.Backup.PSManager.exe |
| CVE-2021-35971 | | | 0.00 | — | 0.01 | | Jun 30, 2021 | Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting. |
| CVE-2020-15518 | | | 0.00 | — | 0.01 | | Jul 3, 2020 | VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests. |
| CVE-2015-5742 | | | 0.00 | — | 0.01 | | Oct 16, 2015 | VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files. |