Remote Code Execution Vulnerability Affects Administrator Privileges
CVE-2024-42023
7.8HIGH
Summary
The vulnerability disclosed allows low-privileged users within a Veeam Backup and Replication environment to execute arbitrary code with elevated Administrator privileges. This security gap could lead to unauthorized access and potential manipulation of critical backup operations, posing a significant risk to data integrity and system security. Users and administrators are encouraged to apply the latest security updates and adhere to best practices in configuring user privileges to mitigate this risk.
Affected Version(s)
One 12.1
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved