CVE-2024-40718

Summary

A server side request forgery vulnerability allows a low-privileged user to perform local privilege escalation through exploiting an SSRF vulnerability.

Affected Software

VendorProductVersion RangeStatus
VeeamNutanix AHV12.6.0 < 12.6.0affected
VeeamNutanix KVM12.5.0 < 12.5.0affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References