CVE-2023-38548
In short
An unprivileged user accessing Veeam ONE Web Client can steal the NTLM password hash of the service account that runs Veeam ONE Reporting. This allows attackers to potentially crack the password or use it for further attacks.
Technical detail
A CWE-522 credential exposure vulnerability in the Veeam ONE Web Client enables unauthenticated or low-privilege users to extract the NTLM hash of the Veeam ONE Reporting Service account. The attack vector is network-based with low attack complexity; successful exploitation compromises the confidentiality of the service account credentials, enabling offline hash cracking or lateral movement.
Summary generated and translated by AI from the official description.
A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Veeam · One
References
https://www.veeam.com/kb4508