CVE-2024-42451

A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker's side. This exposes sensitive data, which could be used for further attacks, including unauthorized access to systems managed by the platform.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.veeam.com/kb4693	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:veeam:veeam_backup_\&_replication:*:*:*:*:*:*:*:*

History

24 Apr 2025, 17:20

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.7~~	v2 : unknown v3 : 6.5
References	~~() https://www.veeam.com/kb4693 -~~	() https://www.veeam.com/kb4693 - Vendor Advisory
CPE		cpe:2.3:a:veeam:veeam_backup_\&_replication::::::::
First Time		Veeam Veeam veeam Backup \& Replication

Information

Published : 2024-12-04 02:15

Updated : 2025-04-24 17:20

NVD link : CVE-2024-42451

Mitre link : CVE-2024-42451

CVE.ORG link : CVE-2024-42451

JSON object : View

Products Affected

veeam

veeam_backup_\&_replication

CWE

CWE-312

Cleartext Storage of Sensitive Information

CWE-863

Incorrect Authorization

{"id": "CVE-2024-42451", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "support@hackerone.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.1}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-12-04T02:15:04.643", "references": [{"url": "https://www.veeam.com/kb4693", "tags": ["Vendor Advisory"], "source": "support@hackerone.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-312"}, {"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker's side. This exposes sensitive data, which could be used for further attacks, including unauthorized access to systems managed by the platform."}, {"lang": "es", "value": "Una vulnerabilidad en Veeam Backup & Replication permite a los usuarios con pocos privilegios filtrar todas las credenciales guardadas en texto plano. Esto se logra llamando a una serie de m\u00e9todos a trav\u00e9s de un protocolo externo y, en \u00faltima instancia, recuperando las credenciales mediante una configuraci\u00f3n maliciosa del lado del atacante. Esto expone datos confidenciales, que podr\u00edan usarse para otros ataques, incluido el acceso no autorizado a los sistemas administrados por la plataforma."}], "lastModified": "2025-04-24T17:20:53.130", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7", "versionEndExcluding": "12.3.0.310", "versionStartIncluding": "12.0.0.1402"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}