RCE & Sensitive Data Exposure in Veeam Backup & Replication
CVE-2024-40710
8.8HIGH
What is CVE-2024-40710?
The identified vulnerabilities in Veeam Backup & Replication permit remote code execution (RCE) potentially allowing attackers to control affected systems. These vulnerabilities also create avenues for the extraction of sensitive information, including saved credentials and passwords. Exploitation is contingent upon the attacker having a low-privileged user role, thereby emphasizing the critical need for stringent access controls and user role management within affected environments.
Affected Version(s)
Backup and Recovery 12.1.2