{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-22022", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "state": "PUBLISHED", "assignerShortName": "hackerone", "dateReserved": "2024-01-04T01:04:06.574Z", "datePublished": "2024-02-07T00:53:30.523Z", "dateUpdated": "2025-06-03T18:40:07.375Z"}, "containers": {"cna": {"descriptions": [{"lang": "en", "value": "Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service."}], "affected": [{"vendor": "Veeam", "product": "Recovery Orchestrator", "versions": [{"version": "6", "status": "affected", "lessThan": "6", "versionType": "semver"}, {"version": "5", "status": "affected", "lessThan": "5", "versionType": "semver"}, {"version": "7", "status": "unaffected", "lessThan": "7", "versionType": "semver"}]}, {"vendor": "Veeam", "product": "Availability Orchestrator", "versions": [{"version": "4", "status": "affected", "lessThan": "4", "versionType": "semver"}]}], "references": [{"url": "https://veeam.com/kb4541"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/CR:X/IR:X/AR:X", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2024-02-07T00:53:30.523Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-200", "lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-07T20:03:22.783649Z", "id": "CVE-2024-22022", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-03T18:40:07.375Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:35:34.824Z"}, "title": "CVE Program Container", "references": [{"url": "https://veeam.com/kb4541", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://veeam.com/kb4541", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:35:34.824Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-22022", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-07T20:03:22.783649Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:39.655Z"}}], "cna": {"metrics": [{"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/CR:X/IR:X/AR:X"}}], "affected": [{"vendor": "Veeam", "product": "Recovery Orchestrator", "versions": [{"status": "affected", "version": "6", "lessThan": "6", "versionType": "semver"}, {"status": "affected", "version": "5", "lessThan": "5", "versionType": "semver"}, {"status": "unaffected", "version": "7", "lessThan": "7", "versionType": "semver"}]}, {"vendor": "Veeam", "product": "Availability Orchestrator", "versions": [{"status": "affected", "version": "4", "lessThan": "4", "versionType": "semver"}]}], "references": [{"url": "https://veeam.com/kb4541"}], "descriptions": [{"lang": "en", "value": "Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service."}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2024-02-07T00:53:30.523Z"}}}, "cveMetadata": {"cveId": "CVE-2024-22022", "state": "PUBLISHED", "dateUpdated": "2025-06-03T18:40:07.375Z", "dateReserved": "2024-01-04T01:04:06.574Z", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "datePublished": "2024-02-07T00:53:30.523Z", "assignerShortName": "hackerone"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:veeam:recovery_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD02D9A8-0F48-428A-8FDC-2CD86F1E163C", "versionEndExcluding": "7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service."}, {"lang": "es", "value": "La vulnerabilidad CVE-2024-22022 permite a un usuario de Veeam Recovery Orchestrator al que se le ha asignado un rol con pocos privilegios acceder al hash NTLM de la cuenta de servicio utilizada por Veeam Orchestrator Server Service."}], "id": "CVE-2024-22022", "lastModified": "2025-06-03T19:15:37.243", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-07T01:15:08.487", "references": [{"source": "support@hackerone.com", "tags": ["Vendor Advisory"], "url": "https://veeam.com/kb4541"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://veeam.com/kb4541"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}