Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/09 9:31 p.m.5 views

EUVD-2025-33565

Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...

8.2CVSS6.4AI score0.00353EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 9:31 p.m.6 views

EUVD-2025-33570

Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...

6CVSS6.4AI score0.00305EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/09 8:22 p.m.4 views

CVE-2025-35061 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /NPCSRemoteWeb/LegacyIntegrationServices.asmx

Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...

8.2CVSS6.6AI score0.00353EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/09 8:21 p.m.32 views

CVE-2025-35057 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashx

Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...

6CVSS0.00305EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.6 views

The vulnerability of Veeam Backup & Replication’s protection mechanisms for cloud, virtual, and physical systems stems from deficiencies in access control. This allows attackers to gain unauthorized access to the NTLM hash of the Enterprise Manager service account.

The vulnerability of Veeam Backup & Replication’s protection mechanisms for cloud, virtual, and physical systems stems from deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to the NTLM hash of the Enterprise Manager service account...

9CVSS7.4AI score0.00918EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/04 12:0 a.m.9 views

PT-2024-6472 · Veeam · Veeam Reporter Service +1

Name of the Vulnerable Software and Affected Versions: Veeam Reporter Service affected versions not specified Description: A vulnerability exists in Veeam Reporter Service that allows an attacker to access the NTLM hash of the service account. This attack requires user interaction and data...

9CVSS9.2AI score0.00513EPSS
Exploits0References19
OSV
OSV
added 2024/02/07 1:15 a.m.6 views

CVE-2024-22022

Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service...

8.8CVSS5.7AI score0.00701EPSS
Exploits0References1
Rows per page
Query Builder