Description
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
Published: 2024-05-22
Score: 9.8 Critical
EPSS: 53.6% High
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://veeam.com/kb4581 cve-icon cve-icon
History

Tue, 15 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.43415}

 epss

{'score': 0.48113}

Thu, 03 Jul 2025 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Veeam veeam Backup \& Replication
CPEs cpe:2.3:a:veeam:veeam_backup_\&_replication:*:*:*:*:*:*:*:*
Vendors & Products Veeam veeam Backup \& Replication

Thu, 19 Sep 2024 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Veeam
Veeam backup Enterprise Manager
CPEs cpe:2.3:a:veeam:backup_enterprise_manager:*:*:*:*:*:*:*:*
Vendors & Products Veeam
Veeam backup Enterprise Manager
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

Veeam Backup Enterprise Manager Veeam Backup \& Replication
cve-icon MITRE

Status: PUBLISHED

Assigner: hackerone

Published:

Updated: 2024-09-19T01:38:17.699Z

Reserved: 2024-03-21T01:04:07.089Z

Link: CVE-2024-29849

cve-icon Vulnrichment

Updated: 2024-08-02T01:17:58.438Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-22T23:15:08.683

Modified: 2025-07-03T16:14:42.933

Link: CVE-2024-29849

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses