Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2024-29855

Disclosure Date: June 11, 2024 (last updated June 11, 2024)
Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator
0
0
Attacker Value
Unknown

CVE-2024-22022

Disclosure Date: February 07, 2024 (last updated February 16, 2024)
Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-22021

Disclosure Date: February 07, 2024 (last updated February 29, 2024)
Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a Scope other than the one they are assigned to.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0