Vulnerabilities > Veeam
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-07 | CVE-2024-42024 | Unspecified vulnerability in Veeam ONE 12.0.0.2498/12.0.1.2591 A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed. | 8.8 |
| 2024-02-07 | CVE-2024-22021 | Unspecified vulnerability in Veeam products Vulnerability?CVE-2024-22021 allows?a?Veeam Recovery Orchestrator user with a low?privileged?role (Plan?Author)?to retrieve?plans?from?a?Scope other than the one they are assigned to. | 4.3 |
| 2024-02-07 | CVE-2024-22022 | Unspecified vulnerability in Veeam Recovery Orchestrator 5.0/6.0 Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service. | 8.8 |
| 2023-11-07 | CVE-2023-38547 | Unspecified vulnerability in Veeam ONE A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. | 9.8 |
| 2023-11-07 | CVE-2023-38548 | Unspecified vulnerability in Veeam ONE 12.0.0.2498/12.0.1.2591 A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. | 4.3 |
| 2023-11-07 | CVE-2023-38549 | Cross-site Scripting vulnerability in Veeam ONE A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. | 5.4 |
| 2023-11-07 | CVE-2023-41723 | Unspecified vulnerability in Veeam ONE A vulnerability in Veeam ONE allows a user with the Veeam ONE Read-Only User role to view the Dashboard Schedule. | 4.3 |
| 2023-03-10 | CVE-2023-27532 | Missing Authentication for Critical Function vulnerability in Veeam Backup & Replication Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. | 7.5 |
| 2022-12-05 | CVE-2022-43549 | Improper Authentication vulnerability in Veeam Backup for Google Cloud 1.0/3.0 Improper authentication in Veeam Backup for Google Cloud v1.0 and v3.0 allows attackers to bypass authentication mechanisms. | 9.8 |
| 2022-07-14 | CVE-2022-32225 | Cross-site Scripting vulnerability in Veeam Management Pack 8.0 A reflected DOM-Based XSS vulnerability has been discovered in the Help directory of Veeam Management Pack for Microsoft System Center 8.0. | 6.1 |