CVE-2024-40715

Published Nov 7, 2024

Last updated 9 days ago

CVSS high 7.7

Overview

Description
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability.
Source
support@hackerone.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.0

Type
Secondary
Base score
7.7
Impact score
5.5
Exploitability score
2.2
Vector string
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Severity
HIGH

Social media

Hype score
Not currently trending

  1. CVE-2024-40715: Authentication Bypass Threat in Veeam Backup Enterprise Manager https://t.co/JTMQdpKYB2

    @clb_bcr

    9 Nov 2024

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Vulnerabilidad de bypass de autenticación en Veeam Backup Enterprise Manager. Veeam ha revelado una nueva vulnerabilidad de seguridad identificada como CVE-2024-40715, que afecta a Veeam Backup Enterprise Manager. Mayor informacaión: https://t.co/gAyQEYFf6O https://t.co/NrP0fPg

    @CSIRT_Telconet

    8 Nov 2024

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 【リンク集:11月7日~8日のセキュリティ関連ニュース/記事】 <脆弱性> ・米CISA、パロアルトネットワークスの重大なバグが攻撃に悪用されていると警告(CVE-2024-5910) https://t.co/vTwufxmNK5 ・CVE-2024-40715:Veeam Backup Enterprise Managerにおける認証バイパスの脅威… https://t.co/Tf9xq5poO6

    @MachinaRecord

    8 Nov 2024

    93 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2024-40715 A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able … https://t.co/4IdZDQlplO

    @CVEnew

    7 Nov 2024

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Veeam Fixes CVE-2024-40715 with a hotfix release #VeeamBackup #CVE-2024-40715 https://t.co/WP1sLphTZ7

    @pravin_karthik

    7 Nov 2024

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 【セキュリティ ニュース】「Veeam Backup Enterprise Manager」に脆弱性 - 認証回避のおそれ(1ページ目 / 全1ページ):Security NEXT https://t.co/RL7tVrENpq 『認証の回避が可能となる脆弱性「CVE-2024-40715」について明らかにしたもの。「Veeam Backup Enterprise Manager」を含む「Veeam… https://t.co/fi9GGo2UmI

    @taku888infinity

    6 Nov 2024

    755 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References