CVE-2023-38547

Sažetak

A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database.

Reference

https://www.veeam.com/kb4508
https://www.veeam.com/kb4508

CVSS

Base:	9.9
Impact:	6.0
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Zadnje važnije ažuriranje

06-03-2025 - 16:15

Objavljeno

07-11-2023 - 07:15