A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. Note: The criticality of this vulnerability is reduced as it requires interaction by a user with the Veeam ONE Administrator role.
References
Link | Resource |
---|---|
https://www.veeam.com/kb4508 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2023-11-07T06:17:31.636Z
Updated: 2023-11-07T06:17:31.636Z
Reserved: 2023-07-20T01:00:12.444Z
Link: CVE-2023-38549
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-07T07:15:09.187
Modified: 2023-11-14T20:22:56.610
Link: CVE-2023-38549
JSON object: View
Redhat Information
No data.
CWE