Security News > 2024 > May > Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass
2024-05-22 03:45
Users of Veeam Backup Enterprise Manager are being urged to update to the latest version following the discovery of a critical security flaw that could permit an adversary to bypass authentication protections. Tracked as CVE-2024-29849 (CVSS score: 9.8), the vulnerability could allow an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface as
News URL
https://thehackernews.com/2024/05/critical-veeam-backup-enterprise.html
Related news
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- Akira and Fog ransomware now exploit critical Veeam RCE flaw (source)
- Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-22 | CVE-2024-29849 | Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. | 0.0 |