CVE-2024-42449: From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary...

7.1 CVSS

Description

From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary files on the VSPC server machine.

Classification

CVE ID: CVE-2024-42449

CVSS Base Severity: HIGH

CVSS Base Score: 7.1

Affected Products

Vendor: Veeam

Product: Service Provider Console

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.veeam.com/kb4679

Timeline

2024-12-06 00:32:07 UTC
CVE

From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary...