CVE-2024-42453

Published Dec 4, 2024

Last updated 3 months ago

CVSS high 7.4

Overview

Description
A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. The vulnerability is caused by improper permission checks in methods accessed via management services.
Source
support@hackerone.com
NVD status
Received

Risk scores

CVSS 3.0

Type
Secondary
Base score
7.4
Impact score
3.7
Exploitability score
3.1
Vector string
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Severity
HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-862

Social media

Hype score
Not currently trending

  1. CVE-2024-42453 A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual ... https://t.co/uxJAHfBKs0

    @VulmonFeeds

    4 Dec 2024

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-42453 A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes t… https://t.co/3x5pcydyz2

    @CVEnew

    4 Dec 2024

    223 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References