CVE-2024-40715

HIGH Year: 2024
CVSS v3 Score
7.7
High
Weakness Type
CWE-294
View all →

Vulnerability Description

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability.

Related Vulnerabilities

CVE-2024-4009

HIGH
CVSS:7.8(High)

Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System

CWE-2942024

CVE-2024-12137

HIGH
CVSS:7.6(High)

Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking.This issue affects ANKA JPD-00028: through 19.03.2025. NOTE: The vendor did not inf...

CWE-2942024

CVE-2025-30072

HIGH
CVSS:7.6(High)

Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to physical Access to the protected facilities without triggering an alarm.

CWE-2942025

CVE-2018-1128

HIGH
CVSS:7.5(High)

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packe...

CWE-2942018

CVE-2018-17176

HIGH
CVSS:7.5(High)

A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication (always transmitted in cleartext) can be repla...

CWE-2942018

CVE-2018-7356

HIGH
CVSS:7.5(High)

All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attacke...

CWE-2942018