- Description
- From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary files on the VSPC server machine.
- Source
- support@hackerone.com
- NVD status
- Received
CVSS 3.0
- Type
- Secondary
- Base score
- 7.1
- Impact score
- 4.2
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
به تازگی Veeam برای دو آسیب پذیری موجود در سرویس (VSPC) ، پچ امنیتی لازم را منتشر نموده است.آسیب پذیری اول دارای کد شناسایی CVE-2024-42448 و از نوع RCE و آسیب پذیری دوم دارای کد شناسایی CVE-2024-42449 که باعث سرقت هش NTLM می شود ، هستند. https://t.co/Poz3aKY03t https://t.co/Mujo9
@AmirHossein_sec
13 Dec 2024
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#Veeam releases immediate update in order to #patch two severe #vulnerabilities, CVE-2024-42448 & CVE-2024-42449. #Cybersecurity #infosec https://t.co/pqEg7FY3aC https://t.co/qNdJynungt
@twelvesec
7 Dec 2024
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Veeam SPC vulnerabilities (CVE-2024-42448 & CVE-2024-42449) announced! Update to version 8.1.0.21999 to stay secure. Liongard’s new Server Version metric helps MSPs quickly identify and address impacted systems. Stay proactive! 🔗 https://t.co/Pd4nXWQgCC
@LiongardHQ
7 Dec 2024
39 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: Critical Veeam Vulnerabilities Expose Service Provider Console to Cyber Risks CVE-2024-42448 CVE-2024-42449 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/sGSM0aZHcB #CyberSecurity #ThreatIntel #InfoSec (1/3)
@fletch_ai
6 Dec 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Two severe vulnerabilities (CVE-2024-42448 & CVE-2024-42449) in @Veeam Service Provider Console (VSPC) could enable remote code execution and data theft. No mitigations exist except upgrading to version 8.1.0.21999 or later. 🔗Read more: https://t.co/yxCkKIHVSP #PatchNow #ISB
@Info_Sec_Buzz
5 Dec 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[Information Security Buzz] Critical Vulnerabilities Found in Veeam Service Provider Console. Two critical vulnerabilities (CVE-2024-42448 and CVE-2024-42449) have been identified in Veeam Service Provider Console (VSPC), prompting an urgent call for... https://t.co/17UvhUErH9
@shah_sheikh
5 Dec 2024
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Veeam Fixes Critical vulnerability in CVE-2024-42448 #VeeamVSPC #CVE-2024-42448 #CVE-2024-42449 https://t.co/5wjrElRwWo
@pravin_karthik
4 Dec 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Veeam Service Provider RCE Vulnerability Let Attackers Execute Arbitrary Code Source: https://t.co/5UfN7CK1dl CVE-2024-42448 - This flaw allows attackers to execute arbitrary code. CVE-2024-42449 - his security issue enables attackers to steal the NTLM hash. https://t.co/pSeva
@gbhackers_news
4 Dec 2024
117 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Veeam ha corregido dos vulnerabilidades en Veeam Service Provider Console (VSPC) https://t.co/yvQkhKuZiJ ⚠️ CVE-2024-42448 (CVSS v3.1 Score: 9.9) ⚠️ CVE-2024-42449 https://t.co/b4otNPULRv https://t.co/cuv3nOJXUk
@elhackernet
3 Dec 2024
3052 Impressions
13 Retweets
23 Likes
7 Bookmarks
0 Replies
0 Quotes
#Veeam plugs serious holes in #Service #Provider Console (CVE-2024-42448, CVE-2024-42449) https://t.co/LEpecdpyAd
@ScyScan
3 Dec 2024
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes