CVE-2024-40714

Summary

An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations.

Affected Software

VendorProductVersion RangeStatus
VeeamBackup and Recovery12.1.2 <= 12.1.2affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References