Lucene search
HackeroneCVE-2024-40709HistorySep 07, 2024 - 5:15 p.m.
CVE-2024-40709
2024-09-0717:15:12
CWE-862
hackerone
web.nvd.nist.gov
28
20
authorization privilege escalation vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.9
Confidence
High
EPSS
0
Percentile
9.5%
A missing authorization vulnerability allows a local low-privileged user on the machine to escalate their privileges to root level.
Affected configurations
Node
veeambackup_and_recoveryRange≤12.1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| veeam | backup_and_recovery | * | cpe:2.3:a:veeam:backup_and_recovery:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"vendor": "Veeam",
"product": "Backup and Recovery",
"versions": [
{
"version": "12.1.2",
"status": "affected",
"lessThanOrEqual": "12.1.2",
"versionType": "semver"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2024-40709
2024-09-07 17:15:12
veeam
veeam
List of Security Fixes and Improvements in Veeam Agent for Linux
2020-03-02 00:00:00
Veeam Security Bulletin (September 2024)
2024-09-04 00:00:00
cvelist
cvelist
CVE-2024-40709
2024-09-07 16:11:22
vulnrichment
vulnrichment
CVE-2024-40709
2024-09-07 16:11:22
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.9
Confidence
High
EPSS
0
Percentile
9.5%
Related for CVE-2024-40709