One Security Vulnerabilities and Issues — One CVE List

Lucene search

VeeamOne

6 matches found

CVE•added 2024/09/07 5:15 p.m.•67 views

CVE-2024-42019

A vulnerability that allows an attacker to access the NTLM hash of the Veeam Reporter Service service account. This attack requires user interaction and data collected from Veeam Backup & Replication.

9CVSS6.8AI score0.00182EPSS

CVE•added 2024/09/07 5:15 p.m.•64 views

CVE-2024-42024

A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed.

9.1CVSS7.8AI score0.00597EPSS

CVE•added 2024/09/07 5:15 p.m.•52 views

CVE-2024-42023

An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.

8.8CVSS7.3AI score0.00181EPSS

CVE•added 2024/09/07 5:15 p.m.•51 views

CVE-2024-42020

A Cross-site-scripting (XSS) vulnerability exists in the Reporter Widgets that allows HTML injection.

7.3CVSS6.5AI score0.00201EPSS

CVE•added 2024/09/07 5:15 p.m.•50 views

CVE-2024-42021

An improper access control vulnerability allows an attacker with valid access tokens to access saved credentials.

7.5CVSS6.8AI score0.00068EPSS

CVE•added 2024/09/07 5:15 p.m.•49 views

CVE-2024-42022

An incorrect permission assignment vulnerability allows an attacker to modify product configuration files.

7.5CVSS6.8AI score0.00076EPSS