Lucene search
HistorySep 07, 2024 - 5:15 p.m.
CVE-2024-39714
code injection
file upload
remote code execution
vspc server
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server.
References
Related
cvelist
cvelist
CVE-2024-39714
2024-09-07 16:11:22
cve
cve
CVE-2024-39714
2024-09-07 17:15:12
vulnrichment
vulnrichment
CVE-2024-39714
2024-09-07 16:11:22
thn
thn
Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues
2024-09-05 16:05:00
veeam
veeam
Veeam Security Bulletin (September 2024)
2024-09-04 00:00:00
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
Related for NVD:CVE-2024-39714