Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a Scope other than the one they are assigned to.
4.3CVSS
6.5AI Score
0.0004EPSS
Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service.
8.8CVSS
8.5AI Score
0.001EPSS
9CVSS
7.2AI Score
0.0004EPSS