CVE-2023-38549

A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. Note: The criticality of this vulnerability is reduced as it requires interaction by a user with the Veeam ONE Administrator role.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.veeam.com/kb4508	Patch Vendor Advisory
https://www.veeam.com/kb4508	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:veeam:one:11.0.0.1379:::::::*
	cpe:2.3:a:veeam:one:11.0.1.1880:::::::*
	cpe:2.3:a:veeam:one:12.0.0.2498:::::::*
	cpe:2.3:a:veeam:one:12.0.1.2591:::::::*

History

No history.

Information

Published : 2023-11-07 07:15

Updated : 2024-11-21 08:13

NVD link : CVE-2023-38549

Mitre link : CVE-2023-38549

CVE.ORG link : CVE-2023-38549

JSON object : View

Products Affected

veeam

one

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2023-38549", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "support@hackerone.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2023-11-07T07:15:09.187", "references": [{"url": "https://www.veeam.com/kb4508", "tags": ["Patch", "Vendor Advisory"], "source": "support@hackerone.com"}, {"url": "https://www.veeam.com/kb4508", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. Note: The criticality of this vulnerability is reduced as it requires interaction by a user with the Veeam ONE Administrator role."}, {"lang": "es", "value": "Una vulnerabilidad en Veeam ONE permite a un usuario sin privilegios que tiene acceso al cliente web Veeam ONE la capacidad de adquirir el hash NTLM de la cuenta utilizada por Veeam ONE Reporting Service. Nota: La criticidad de esta vulnerabilidad se reduce ya que requiere la interacci\u00f3n de un usuario con el rol de administrador de Veeam ONE."}], "lastModified": "2024-11-21T08:13:48.593", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:veeam:one:11.0.0.1379:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D1ECDF8-4BAB-4E77-A409-EB5065AB916D"}, {"criteria": "cpe:2.3:a:veeam:one:11.0.1.1880:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD967DF5-1470-43EF-9465-A2E464F30F88"}, {"criteria": "cpe:2.3:a:veeam:one:12.0.0.2498:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1C9B702-1613-4570-B9CB-5BF3F7F6B732"}, {"criteria": "cpe:2.3:a:veeam:one:12.0.1.2591:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1FB1ABE-0179-400B-8EFD-7F84A51B64C8"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}