Filtered by vendor Veeam Subscriptions
Filtered by product Backup \& Replication Subscriptions

Search

Switch to Advanced Search (Beta)
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-40711 1 Veeam 2 Backup \& Replication, Veeam Backup \& Replication 2025-10-21 9.8 Critical
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
CVE-2024-40715 1 Veeam 2 Backup \& Replication, Veeam Backup \& Replication 2025-07-11 N/A
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability.
CVE-2024-40714 1 Veeam 2 Backup \& Replication, Veeam Backup \& Replication 2025-05-01 8.3 High
An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations.
CVE-2024-40713 1 Veeam 2 Backup \& Replication, Veeam Backup \& Replication 2025-05-01 7.8 High
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA.
CVE-2024-40712 1 Veeam 2 Backup \& Replication, Veeam Backup \& Replication 2025-05-01 7.8 High
A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege escalation (LPE).
CVE-2024-40710 1 Veeam 2 Backup \& Replication, Veeam Backup \& Replication 2025-05-01 8.8 High
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords). Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within Veeam Backup & Replication.