CVE-2024-42453
CVSS 3.0 Score 7.4 of 10 (high)
Details
Summary
CVE-2024-42453 is a newly discovered vulnerability affecting Veeam Backup & Replication software. This issue grants low-privileged users unnecessary control over connected virtual infrastructure hosts, enabling them to perform actions such as powering off virtual machines, deleting files, and configuring settings. Consequences of this vulnerability can result in Denial of Service (DoS) and data integrity issues.The root cause of this vulnerability stems from insufficient permission checks in methods that are accessible via management services. It is crucial for organizations using Veeam Backup & Replication to address this issue promptly to prevent potential security risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.