Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-19627

Malicious code in bioql PyPI...

6.5CVSS7AI score0.00399EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-19628

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00701EPSS
Exploits0References1
Veeam
Veeam
added 2025/07/21 12:0 a.m.13 views

Unable to Login to Web UI After Enabling MFA

Article Applicability This article is regarding a issue that was discovered in Veeam Recovery Orchestrator build 7.2.1.286, which was available for download between 2025-07-08 and 2025-07-17. The issue documented in this article was discovered, confirmed, and patched and a new build was released...

6.9AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.7 views

CVE-2024-22021

Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role Plan Author to retrieve plans from a Scope other than the one they are assigned to...

6.5CVSS6.7AI score0.00399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:5 a.m.11 views

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator...

9CVSS7.1AI score0.21634EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:39 p.m.7 views

CVE-2024-22022

Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service...

8.8CVSS6.8AI score0.00701EPSS
Exploits0References1
Veeam
Veeam
added 2024/12/19 12:0 a.m.18 views

Veeam Product Upgrade Guides

Upgrade Guides This article provides a list with links to the upgrade guides available within each product's user guide. Veeam Data Platform Veeam Backup & Replication Veeam ONE Veeam Recovery Orchestrator Veeam Plug-ins for Enterprise Applications Veeam Plug-in for SAP HANA Veeam Plug-in for...

7.1AI score
Exploits0
Veeam
Veeam
added 2024/08/06 12:0 a.m.14 views

How to Export Console and HAR File

Purpose This article documents how to generate a HAR file HTTP Archive to provide additional diagnostic information when investigating issues for web-based applications e.g., Veeam Service Provider Console, Veeam Recovery Orchestrator, etc. Solution 1. Launch the web browser. 2. Open the Develope...

6.6AI score
Exploits0
GithubExploit
GithubExploit
added 2024/06/13 8:32 a.m.392 views

Exploit for Use of Hard-coded Credentials in Veeam Recovery_Orchestrator

CVE-2024-29855 Veeam Recovery Orchestrator Authentication Bypa...

9CVSS9.2AI score0.21634EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/06/13 12:0 a.m.8 views

The vulnerability of the software recovery and backup console of Veeam Recovery Orchestrator allows a perpetrator to escalate their privileges.

The vulnerability of the software recovery and backup console of Veeam Recovery Orchestrator lies in the use of rigidly encoded credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain increased privileges...

9CVSS7.7AI score0.21634EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/06/11 4:15 a.m.4 views

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator...

9CVSS5.8AI score0.21634EPSS
Exploits1References1
NVD
NVD
added 2024/06/11 4:15 a.m.38 views

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator...

9CVSS0.21634EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/06/11 3:55 a.m.31 views

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator...

9CVSS7.2AI score0.21634EPSS
Exploits1References1
CVE
CVE
added 2024/06/11 3:55 a.m.159 views

CVE-2024-29855

CVE-2024-29855 affects Veeam Recovery Orchestrator (VRO) Web Console. The root cause is a hard-coded JWT secret that enables authentication bypass, allowing an attacker to gain administrative access to the VRO web UI. Affected releases include VRO versions prior to the patched builds. According t...

9CVSS7.2AI score0.21634EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/06/11 3:55 a.m.35 views

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator...

9CVSS0.21634EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.5 views

Veeam Recovery Orchestrator Security Breach

Veeam Recovery Orchestrator is a Veeam company that provides comprehensive reporting, automated testing, and at-a-glance compliance dashboards. A security vulnerability exists in Veeam Recovery Orchestrator version 7.0 that stems from a Hard-coded JWT key that can bypass authentication...

9CVSS6.8AI score0.21634EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/06/10 12:0 a.m.6 views

PT-2024-4063 · Veeam · Veeam Recovery Orchestrator

Name of the Vulnerable Software and Affected Versions: Veeam Recovery Orchestrator affected versions not specified Description: The issue is related to the use of hard-coded credentials in the Veeam Recovery Orchestrator web console, which can allow a remote attacker to bypass authentication and...

9CVSS9.2AI score0.21634EPSS
Exploits1References20
Veeam
Veeam
added 2024/06/10 12:0 a.m.43 views

Veeam Recovery Orchestrator Vulnerability (CVE-2024-29855)

Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operate a Vulnerability Disclosure Program VDP for all Veeam products and perform extensive internal code audits. When a vulnerability is...

9CVSS9.3AI score0.21634EPSS
Exploits1Affected Software1
OSV
OSV
added 2024/02/07 1:15 a.m.6 views

CVE-2024-22022

Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service...

8.8CVSS5.7AI score0.00701EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/02/07 1:15 a.m.4 views

CVE-2024-22021

Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role Plan Author to retrieve plans from a Scope other than the one they are assigned to...

6.5CVSS6.8AI score0.00399EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder