Backup & Replication Enterprise Manager
by Veeam
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-29849 | 0.04 | — | 0.17 | May 22, 2024 | Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. | |||
| CVE-2024-40715 | 0.00 | — | 0.01 | Nov 7, 2024 | A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability. | |||
| CVE-2024-29851 | 0.00 | — | 0.01 | May 22, 2024 | Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account. | |||
| CVE-2024-29852 | 0.00 | — | 0.01 | May 22, 2024 | Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs. | |||
| CVE-2024-29850 | 0.00 | — | 0.01 | May 22, 2024 | Veeam Backup Enterprise Manager allows account takeover via NTLM relay. |
- CVE-2024-29849May 22, 2024risk 0.04cvss —epss 0.17
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
- CVE-2024-40715Nov 7, 2024risk 0.00cvss —epss 0.01
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability.
- CVE-2024-29851May 22, 2024risk 0.00cvss —epss 0.01
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
- CVE-2024-29852May 22, 2024risk 0.00cvss —epss 0.01
Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs.
- CVE-2024-29850May 22, 2024risk 0.00cvss —epss 0.01
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.