CVE-2024-45204

A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potentially leading to broader security vulnerabilities.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.veeam.com/kb4693	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:veeam:veeam_backup_\&_replication:*:*:*:*:*:*:*:*

History

24 Apr 2025, 16:59

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.7~~	v2 : unknown v3 : 4.3
CPE		cpe:2.3:a:veeam:veeam_backup_\&_replication::::::::
References	~~() https://www.veeam.com/kb4693 -~~	() https://www.veeam.com/kb4693 - Vendor Advisory
First Time		Veeam Veeam veeam Backup \& Replication

06 Dec 2024, 20:15

Type	Values Removed	Values Added
CWE		CWE-863

Information

Published : 2024-12-04 02:15

Updated : 2025-04-24 16:59

NVD link : CVE-2024-45204

Mitre link : CVE-2024-45204

CVE.ORG link : CVE-2024-45204

JSON object : View

Products Affected

veeam

veeam_backup_\&_replication

CWE

CWE-863

Incorrect Authorization

{"id": "CVE-2024-45204", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "support@hackerone.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.1}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-12-04T02:15:05.233", "references": [{"url": "https://www.veeam.com/kb4693", "tags": ["Vendor Advisory"], "source": "support@hackerone.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potentially leading to broader security vulnerabilities."}, {"lang": "es", "value": " Existe una vulnerabilidad en la que un usuario con pocos privilegios puede aprovechar la falta de permisos en el manejo de credenciales para filtrar hashes NTLM de credenciales guardadas. La explotaci\u00f3n implica el uso de credenciales recuperadas para exponer hashes NTLM confidenciales, lo que afecta a sistemas m\u00e1s all\u00e1 del objetivo inicial y puede generar vulnerabilidades de seguridad m\u00e1s amplias."}], "lastModified": "2025-04-24T16:59:33.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97D6D507-5200-44A1-9122-C3CF8660C1C7", "versionEndExcluding": "12.3.0.310", "versionStartIncluding": "12.0.0.1402"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}