Vulnerabilities > Veeam > Veeam Backup Replication
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-03-20 | CVE-2025-23120 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability allowing remote code execution (RCE) for domain users. | 8.8 |
2024-12-04 | CVE-2024-40717 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. | 8.8 |
2024-12-04 | CVE-2024-42451 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. | 6.5 |
2024-12-04 | CVE-2024-42452 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. | 8.8 |
2024-12-04 | CVE-2024-42453 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. | 8.1 |
2024-12-04 | CVE-2024-42455 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. | 8.1 |
2024-12-04 | CVE-2024-42456 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. | 8.8 |
2024-12-04 | CVE-2024-42457 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. | 6.5 |
2024-12-04 | CVE-2024-45204 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. | 4.3 |
2024-09-07 | CVE-2024-40711 | Deserialization of Untrusted Data vulnerability in Veeam Backup & Replication 12.0.0.1420 A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). | 9.8 |