cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-38650,https://securityvulnerability.io/vulnerability/CVE-2024-38650,Authentication Bypass Vulnerability Affects NTLM Hash of Service Account on VSPC Server,"An authentication bypass vulnerability exists in the Veeam Service Provider Console that can be exploited by low privileged attackers. This flaw allows unauthorized access to critical information, specifically the NTLM hash of service accounts. If exploited, this vulnerability could enable attackers to escalate their privileges and compromise the security of the system.",Veeam,Veeam Service Provider Console,9.9,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.353Z,0
CVE-2024-39715,https://securityvulnerability.io/vulnerability/CVE-2024-39715,Remote Code Execution Vulnerability in VSPC Server via REST API,"A code injection vulnerability exists in the VSPC server by Veeam, allowing low-privileged users with access to the REST API to upload arbitrary files. This flaw could enable an attacker to execute remote code on the VSPC server, potentially compromising the system and leading to unauthorized access or data manipulation. The vulnerability underscores the risks associated with insufficient input validation and access controls in REST API implementations.",Veeam,Veeam Service Provider Console,8.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.204Z,0
CVE-2024-38651,https://securityvulnerability.io/vulnerability/CVE-2024-38651,Low-Privileged Code Execution Vulnerability Affects VSPC Servers,"A code injection vulnerability exists within the Veeam Service Provider Console (VSPC) that allows low-privileged users to overwrite files. This flaw could be exploited to achieve remote code execution on the affected server, posing a significant security risk. The vulnerability underscores the importance of promptly applying security patches and maintaining strict user privilege controls.",Veeam,Veeam Service Provider Console,8.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.198Z,0
CVE-2024-39714,https://securityvulnerability.io/vulnerability/CVE-2024-39714,Arbitrary File Upload Vulnerability Affects VSPC Server,"A vulnerability exists within the VSPC server that allows a low-privileged user to execute a code injection attack by uploading arbitrary files to the server. This can lead to unauthorized remote code execution, posing significant security risks for affected systems. Proper safeguards and user permission management are essential to mitigate this vulnerability and protect the integrity of the VSPC server.",Veeam,Veeam Service Provider Console,9.9,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-07T16:11:22.188Z,0