Lucene search
HackeroneCVE-2022-43549HistoryDec 05, 2022 - 10:15 p.m.
CVE-2022-43549
2022-12-0522:15:10
CWE-287
hackerone
web.nvd.nist.gov
38
cve-2022-43549
improper authentication
veeam backup
google cloud
authentication bypass
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
57.5%
Improper authentication in Veeam Backup for Google Cloud v1.0 and v3.0 allows attackers to bypass authentication mechanisms.
Affected configurations
Node
veeamveeam_backup_for_google_cloudMatch1.0
ORveeamveeam_backup_for_google_cloudMatch3.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| veeam | veeam_backup_for_google_cloud | 1.0 | cpe:2.3:a:veeam:veeam_backup_for_google_cloud:1.0:*:*:*:*:*:*:* |
| veeam | veeam_backup_for_google_cloud | 3.0 | cpe:2.3:a:veeam:veeam_backup_for_google_cloud:3.0:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "Veeam Backup for Google Cloud",
"versions": [
{
"version": "1.0, 3.0",
"status": "affected"
}
]
}
]References
Related
nvd
nvd
CVE-2022-43549
2022-12-05 22:15:10
prion
prion
Authentication flaw
2022-12-05 22:15:00
veeam
veeam
Veeam Backup for Google Cloud - Critical Vulnerability (CVE-2022-43549)
2022-11-08 00:00:00
cvelist
cvelist
CVE-2022-43549
2022-12-05 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
57.5%
Related for CVE-2022-43549