{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T05:56:40.291","vulnerabilities":[{"cve":{"id":"CVE-2024-42451","sourceIdentifier":"support@hackerone.com","published":"2024-12-04T02:15:04.643","lastModified":"2025-04-24T17:20:53.130","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker's side. This exposes sensitive data, which could be used for further attacks, including unauthorized access to systems managed by the platform."},{"lang":"es","value":"Una vulnerabilidad en Veeam Backup & Replication permite a los usuarios con pocos privilegios filtrar todas las credenciales guardadas en texto plano. Esto se logra llamando a una serie de métodos a través de un protocolo externo y, en última instancia, recuperando las credenciales mediante una configuración maliciosa del lado del atacante. Esto expone datos confidenciales, que podrían usarse para otros ataques, incluido el acceso no autorizado a los sistemas administrados por la plataforma."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-312"},{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:veeam:veeam_backup_\\&_replication:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0.1402","versionEndExcluding":"12.3.0.310","matchCriteriaId":"97D6D507-5200-44A1-9122-C3CF8660C1C7"}]}]}],"references":[{"url":"https://www.veeam.com/kb4693","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}}]}