Veeam Backup & Replication Enterprise Manager Vulnerability - Authentication Bypass
CVE-2024-40715

7.7HIGH

Key Information:

Vendor: Veeam
Status: Enterprise Manager
Vendor: CVE Published:; 7 November 2024

Summary

A security vulnerability has been identified in Veeam Backup & Replication Enterprise Manager that can lead to authentication bypass. This vulnerability can be exploited by attackers through a Man-in-the-Middle (MITM) attack, enabling unauthorized access to sensitive information and functionalities. Organizations utilizing this software should be aware of the potential risks and implement appropriate security measures to protect their data.

Affected Version(s)

Enterprise Manager 12.2

References

https://www.veeam.com/kb4682

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 7, 2024
Vulnerability Reserved
Jul 9, 2024