Veeam Backup Enterprise Manager: Unauth Web Login (CVE-2024-29849)
CVE-2024-29849 Published on May 22, 2024
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
Weakness Type
What is an authentification Vulnerability?
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
CVE-2024-29849 has been classified to as an authentification vulnerability or weakness.
Products Associated with CVE-2024-29849
Want to know whenever a new CVE is published for Veeam Backup Replication? stack.watch will email you.
Affected Versions
Veeam Backup & Replication:- Version 12.1.2.172 and below 12.1.2.172 is affected.
- Version 11.0.1.1261 P20240304 and below 11.0.1.1261 P20240304 is affected.
- Before 12.1.2.172 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.