CVE-2023-38549

CVSS 4.5 (Medium) · EPSS 19.1%
In short

An unprivileged user with access to the Veeam ONE Web Client can obtain the NTLM hash of the account under which the Veeam ONE Reporting Service runs. With that hash an attacker may be able to compromise the service account and act with whatever privileges it holds.

Technical detail

The vulnerability allows NTLM hash extraction through the Veeam ONE Web Client by a user who holds no privileged role in Veeam ONE. Exploitation requires network access to the web client, and the impact is reduced by the requirement that a user with the Veeam ONE Administrator role interact with the attacker's request (UI:R in the vector). The vector rates the impact as confidentiality-only (C:H/I:N/A:N): nothing is modified or disrupted directly; the damage comes from what the stolen credential material can be reused for. Note that the published vector sets Privileges Required to High (PR:H) even though the official description speaks of an unprivileged user; treat the description as authoritative for who can trigger the issue. How the hash can be abused depends on its form, which the advisory does not specify: a raw NT hash can be used directly in pass-the-hash, whereas a captured challenge-response (Net-NTLMv2, the usual result of coercing a service to authenticate to an attacker-controlled host) cannot be passed but can be relayed to other hosts that accept NTLM or cracked offline to recover the service account's password.

Summary generated and translated by AI from the official description.
A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. Note: The criticality of this vulnerability is reduced as it requires interaction by a user with the Veeam ONE Administrator role.
CVSS 3.0 vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
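As a worked illustration of the offline-cracking path that the advisory mentions, the script below is an added example: it is not Veeam's code, not part of this advisory, and not an exploit for CVE-2023-38549. It assumes the stolen artefact is a Net-NTLMv2 challenge-response (the advisory does not say which form of "NTLM hash" is exposed), recomputes the response for candidate passwords exactly as a cracker does, and so shows why such a capture cannot be replayed as pass-the-hash but does fall to a password guess. The service account name, domain, server challenge, timestamp and password are all constructed for the example; the MD4 routine is included because hashlib's md4 is missing on OpenSSL 3 builds.

```python
"""Offline check of a captured Net-NTLMv2 response (hashcat 5600 layout).

Added example, not Veeam's code and not an exploit for CVE-2023-38549: it
builds its own capture from a made-up password and shows why that capture is
crackable offline rather than usable for pass-the-hash.
"""
import hashlib
import hmac
import struct

MASK = 0xFFFFFFFF


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320): 3 rounds of 16 steps over 64-byte blocks."""
    msg = bytearray(data) + b"\x80"
    while len(msg) % 64 != 56:
        msg.append(0)
    msg += struct.pack("<Q", (8 * len(data)) & 0xFFFFFFFFFFFFFFFF)
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    r2 = [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15]
    r3 = [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15]
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = h
        for i in range(16):  # round 1: F(b,c,d) = (b & c) | (~b & d)
            a = _rotl((a + ((b & c) | (~b & d)) + x[i]) & MASK, (3, 7, 11, 19)[i % 4])
            a, b, c, d = d, a, b, c
        for i in range(16):  # round 2: G(b,c,d) = majority
            a = _rotl((a + ((b & c) | (b & d) | (c & d)) + x[r2[i]] + 0x5A827999) & MASK,
                      (3, 5, 9, 13)[i % 4])
            a, b, c, d = d, a, b, c
        for i in range(16):  # round 3: H(b,c,d) = b ^ c ^ d
            a = _rotl((a + (b ^ c ^ d) + x[r3[i]] + 0x6ED9EBA1) & MASK, (3, 9, 11, 15)[i % 4])
            a, b, c, d = d, a, b, c
        h = [(v + w) & MASK for v, w in zip(h, (a, b, c, d))]
    return struct.pack("<4I", *h)


def nt_hash(password: str) -> bytes:
    """NT hash = MD4(UTF-16LE(password)). This is what pass-the-hash needs."""
    return md4(password.encode("utf-16-le"))


def ntowf_v2(password: str, user: str, domain: str) -> bytes:
    """NTOWFv2 = HMAC-MD5(NT hash, UPPER(user) || domain). Only the user is uppercased."""
    return hmac.new(nt_hash(password), (user.upper() + domain).encode("utf-16-le"),
                    hashlib.md5).digest()


def nt_proof(password: str, user: str, domain: str, server_challenge: bytes, blob: bytes) -> bytes:
    """NTProofStr = HMAC-MD5(NTOWFv2, ServerChallenge || blob): the 16 bytes a capture records."""
    return hmac.new(ntowf_v2(password, user, domain), server_challenge + blob,
                    hashlib.md5).digest()


def crack_netntlmv2(user, domain, server_challenge, proof, blob, candidates):
    """Return the first candidate whose recomputed NTProofStr matches the capture, else None."""
    for pw in candidates:
        if hmac.compare_digest(nt_proof(pw, user, domain, server_challenge, blob), proof):
            return pw
    return None


# --- Constructed capture (not real data): account, domain, challenge, timestamp
# and password are all made up for this example.
SVC_USER = "svc_veeamone"
SVC_DOMAIN = "CORP"
SVC_PASSWORD = "Summer2023!"
SERVER_CHALLENGE = bytes.fromhex("0123456789abcdef")
BLOB = (b"\x01\x01" + b"\x00" * 6                   # RespType, HiRespType, reserved
        + struct.pack("<Q", 0x01D9D4E9C0000000)     # made-up FILETIME
        + bytes.fromhex("aaaaaaaaaaaaaaaa")          # client challenge
        + b"\x00" * 4 + b"\x00" * 4 + b"\x00" * 4)   # reserved, MsvAvEOL, trailing zeros
CAPTURED_PROOF = nt_proof(SVC_PASSWORD, SVC_USER, SVC_DOMAIN, SERVER_CHALLENGE, BLOB)

# The same capture as a hashcat 5600-style line: user::domain:challenge:proof:blob
CAPTURE_LINE = (f"{SVC_USER}::{SVC_DOMAIN}:{SERVER_CHALLENGE.hex()}:"
                f"{CAPTURED_PROOF.hex()}:{BLOB.hex()}")


def crack_capture_line(line: str, candidates):
    """Parse a 5600-style line and try the candidate list against it."""
    user, _, domain, chal, proof, blob = line.split(":")
    return crack_netntlmv2(user, domain, bytes.fromhex(chal), bytes.fromhex(proof),
                           bytes.fromhex(blob), candidates)


if __name__ == "__main__":
    print(crack_capture_line(CAPTURE_LINE, ["Password1", "Veeam123", SVC_PASSWORD]))
```

Two details matter in practice: the user name is uppercased before keying, so a capture cracks regardless of how the account name was cased, while the domain is not, so a capture recorded with the wrong domain case will not verify; and because the proof is keyed by a fresh server challenge, an attacker holding only the proof cannot authenticate as the account, which is why offline cracking (or live relay) rather than pass-the-hash is the concern for this class of leak.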
Affected products
Veeam · Veeam ONE
