CVE-2024-42024

A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed.
References
Link Resource
https://www.veeam.com/kb4649 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:veeam:one:*:*:*:*:*:*:*:*

History

28 Apr 2025, 16:47

Type Values Removed Values Added
References () https://www.veeam.com/kb4649 - () https://www.veeam.com/kb4649 - Vendor Advisory
CVSS v2 : unknown
v3 : 9.1
v2 : unknown
v3 : 8.8
CPE cpe:2.3:a:veeam:one:*:*:*:*:*:*:*:*
First Time Veeam one
Veeam

09 Sep 2024, 14:35

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-07 17:15

Updated : 2025-04-28 16:47


NVD link : CVE-2024-42024

Mitre link : CVE-2024-42024

CVE.ORG link : CVE-2024-42024


JSON object : View

Products Affected

veeam

  • one
CWE
CWE-250

Execution with Unnecessary Privileges