3 matches found
CVE-2020-15419
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.75020200415. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReporterImportLicense class. Due to the improper restriction of...
CVE-2020-15419
CVE-2020-15419 affects Veeam ONE, specifically the Reporter_ImportLicense XML processing. The issue is an XML External Entity (XXE) vulnerability that allows remote attackers, without authentication, to read arbitrary files in the SYSTEM context via a crafted document, as described by Red Hat, NV...
Veeam ONE XML External Entity Processing vulnerabilities
Challenge XML External Entity Processing vulnerabilities in Veeam ONE Reporter make possible to read arbitrary files without authentication. Severity : critical CVSS v3 score : 7.5 Cause Veeam ONE Reporter uses XML files for importing and exporting report templates. A remote attacker may send...