Improper Access Control: Credentials Exposed via Valid Tokens
CVE-2024-42021 Published on September 7, 2024
An improper access control vulnerability allows an attacker with valid access tokens to access saved credentials.
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2024-42021 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2024-42021
Want to know whenever a new CVE is published for Veeam One? stack.watch will email you.
Affected Versions
Veeam One:- Version 12.1, <= 12.1 is affected.
- Version 12, <= 12.1.0.3208 is affected.
Exploit Probability
EPSS
0.16%
Percentile
37.01%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.