7 matches found
EUVD-2025-33565
Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...
EUVD-2025-33570
Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...
CVE-2025-35061 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /NPCSRemoteWeb/LegacyIntegrationServices.asmx
Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...
CVE-2025-35057 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashx
Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...
The vulnerability of Veeam Backup & Replication’s protection mechanisms for cloud, virtual, and physical systems stems from deficiencies in access control. This allows attackers to gain unauthorized access to the NTLM hash of the Enterprise Manager service account.
The vulnerability of Veeam Backup & Replication’s protection mechanisms for cloud, virtual, and physical systems stems from deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to the NTLM hash of the Enterprise Manager service account...
PT-2024-6472 · Veeam · Veeam Reporter Service +1
Name of the Vulnerable Software and Affected Versions: Veeam Reporter Service affected versions not specified Description: A vulnerability exists in Veeam Reporter Service that allows an attacker to access the NTLM hash of the service account. This attack requires user interaction and data...
CVE-2024-22022
Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service...