cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-40714,https://securityvulnerability.io/vulnerability/CVE-2024-40714,Intercepting Sensitive Credentials During Restore Operations,"An improper certificate validation vulnerability has been identified in Veeam Backup & Replication, where inadequate checks during TLS certificate validation can be exploited by an attacker on the same network. This flaw potentially allows unauthorized interception of sensitive credentials during restore operations, posing a serious security threat to data integrity and confidentiality in enterprise environments.",Veeam,Backup And Recovery,8.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.237Z,0
CVE-2024-40713,https://securityvulnerability.io/vulnerability/CVE-2024-40713,Low-Privileged User Vulnerability Allows MFA Bypass,"A vulnerability exists within Veeam Backup & Replication that permits users with low-privileged roles to alter Multi-Factor Authentication (MFA) settings. This manipulation can enable these users to bypass the MFA mechanism, resulting in potential unauthorized access to critical backup and replication data. This highlights the importance of maintaining stringent access controls and regularly updating security measures to mitigate such risks.",Veeam,Backup And Recovery,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.216Z,0
CVE-2024-40709,https://securityvulnerability.io/vulnerability/CVE-2024-40709,Low-Privileged User Escalation,"A missing authorization flaw in Veeam Backup & Replication software allows a local low-privileged user to escalate their privileges to root level. This vulnerability could enable unauthorized access to sensitive system functions and data, potentially compromising system integrity and security. It is crucial for users of the affected versions to assess the potential risks and apply necessary security measures.",Veeam,Backup And Recovery,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.216Z,0
CVE-2024-40711,https://securityvulnerability.io/vulnerability/CVE-2024-40711,Unauthenticated Remote Code Execution (RCE) Vulnerability Discovered in Vulnerability Scanning Tool,"A vulnerability has been identified in Veeam Backup & Replication products that allows for the deserialization of untrusted data. This flaw can be exploited by an attacker to execute arbitrary code remotely without authentication, potentially compromising the integrity and security of the affected systems. Proper remediation measures are necessary to mitigate the risks associated with this vulnerability.",Veeam,Backup And Recovery,9.8,CRITICAL,0.9621700048446655,true,2024-10-17T00:00:00.000Z,true,true,true,2024-09-10T16:07:37.000Z,true,true,true,2024-09-07T17:52:16.619Z,2024-09-07T16:11:22.213Z,11647
CVE-2024-40712,https://securityvulnerability.io/vulnerability/CVE-2024-40712,Oracle Database Vulnerable to Local Privilege Escalation Attacks,"A path traversal vulnerability found in Veeam Software's Backup & Replication products enables attackers with low-privileged accounts and local access to perform local privilege escalation (LPE). This vulnerability can allow unauthorized users to access sensitive files and execute commands with elevated privileges, which poses a significant risk to system integrity and data security. Users are advised to review their systems and apply available security patches to mitigate potential exploitation. For detailed information, refer to the official documentation provided by Veeam Software.",Veeam,Backup And Recovery,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.203Z,0
CVE-2024-40710,https://securityvulnerability.io/vulnerability/CVE-2024-40710,RCE & Sensitive Data Exposure in Veeam Backup & Replication,"The identified vulnerabilities in Veeam Backup & Replication permit remote code execution (RCE) potentially allowing attackers to control affected systems. These vulnerabilities also create avenues for the extraction of sensitive information, including saved credentials and passwords. Exploitation is contingent upon the attacker having a low-privileged user role, thereby emphasizing the critical need for stringent access controls and user role management within affected environments.",Veeam,Backup And Recovery,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.182Z,0
CVE-2024-39718,https://securityvulnerability.io/vulnerability/CVE-2024-39718,Remote File Removal Vulnerability in System,"An improper input validation vulnerability exists in Veeam Backup & Replication software, allowing low-privileged users to exploit this flaw to remotely delete files on the system. The issue stems from insufficient validation of input data, leading to unauthorized actions with the same permissions as the service account. Users of affected versions are urged to review their security settings and apply necessary mitigations.",Veeam,Backup And Recovery,8.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.180Z,0