CVE-2024-39714

Summary

A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server.

Affected Software

VendorProductVersion RangeStatus
VeeamVeeam Service Provider Console8 <= 8affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References