CVE-2024-38651

Summary

A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server.

Affected Software

VendorProductVersion RangeStatus
VeeamVeeam Service Provider Console8 <= 8affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References