Low-Privileged Role Grants Access to Service Account NTLM Hash
CVE-2024-22022

8.8HIGH

Key Information:

Vendor: Veeam
Status: Recovery Orchestrator; Availability Orchestrator
Vendor: CVE Published:; 7 February 2024

Summary

A vulnerability in Veeam Recovery Orchestrator enables users with low-privileged roles to retrieve the NTLM hash of the service account utilized by the Veeam Orchestrator Server Service. This exposure poses a significant security risk, as it can potentially allow unauthorized access or privilege escalation within the system. Proper access controls and monitoring measures are recommended to mitigate the risks associated with this vulnerability.

Affected Version(s)

Availability Orchestrator 4

Recovery Orchestrator 6

Recovery Orchestrator 5

References

https://veeam.com/kb4541

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 7, 2024
Vulnerability Reserved
Jan 4, 2024