CVE-2024-42024

High

A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution…

hackerone·CWE-250·Published 2024-09-07

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

192 chars

A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed.

NVDen

192 chars

A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed.

Una vulnerabilidad que permite a un atacante en posesión de las credenciales de la cuenta de servicio de Veeam ONE Agent realizar una ejecución remota de código en la máquina donde está instalado Veeam ONE Agent.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.0	Primary	cve.org	9.1	—	—	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
3.0	Primary	cve.org	9.1	—	—	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
3.0	Secondary	NVD	9.1	2.3	6.0	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H