CVE-2024-40714 HIGH

CVE-2024-40714

Vendor Veeam
Product Backup and Recovery
Published September 7, 2024
Last update September 9, 2024

CVSS base score

8.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations.

Key dates

02Disclosure timeline

September 7, 2024 CVE published
September 9, 2024 Record updated