Description
From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary files on the VSPC server machine.
References (1)
Core 1
Core References
Various Sources
https://www.veeam.com/kb4679
Scores
CVSS v3
7.1
EPSS
0.0537
EPSS Percentile
91.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-732
Status
published
Products (1)
Veeam/Service Provider Console
8.1
Published
Dec 04, 2024
Tracked Since
Feb 18, 2026