Vulnerabilidades en VEEAM
74 resultadosCVE-2024-40715HIGHA vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypasEPSS 0.6%CVE-2025-59469CRITICALThis vulnerability allows a Backup or Tape Operator to write files as root.EPSS 0.6%CVE-2025-23114CRITICALA vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue oEPSS 0.6%CVE-2024-29852LOWVeeam Backup Enterprise Manager allows high-privileged users to read backup session logs.EPSS 0.5%CVE-2026-32997HIGHA vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & RepEPSS 0.5%CVE-2024-42019CRITICALA vulnerability that allows an attacker to access the NTLM hash of the Veeam Reporter Service service account. This attack requires user intEPSS 0.5%CVE-2026-21668HIGHA vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository.EPSS 0.5%CVE-2024-42452HIGHA vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials,EPSS 0.5%CVE-2024-42023HIGHAn improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.EPSS 0.5%CVE-2024-40718HIGHA server side request forgery vulnerability allows a low-privileged user to perform local privilege escalation through exploiting an SSRF vuEPSS 0.5%CVE-2024-42457HIGHA vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combinatiEPSS 0.4%CVE-2026-32998CRITICALThis vulnerability in Veeam Service Provider Console allows for remote code execution.EPSS 0.4%CVE-2026-21670HIGHA vulnerability allowing a low-privileged user to extract saved SSH credentials.EPSS 0.4%CVE-2024-22021MEDIUMVulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a ScoEPSS 0.4%CVE-2024-42020HIGHA Cross-site-scripting (XSS) vulnerability exists in the Reporter Widgets that allows HTML injection.EPSS 0.4%CVE-2024-42456HIGHA vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates crEPSS 0.4%CVE-2024-45204HIGHA vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved EPSS 0.4%CVE-2024-40714HIGHAn improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitiveEPSS 0.3%CVE-2025-23082HIGHVeeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unaEPSS 0.3%CVE-2024-42453HIGHA vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructEPSS 0.3%