How severe is CVE-2024-42453?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2024-42453?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2024-42453 - HIGH Severity | CVSS 7.4

Vulnerability Description

A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. The vulnerability is caused by improper permission checks in methods accessed via management services.

Related Vulnerabilities

CVE-2018-16081

HIGH

CVSS:7.4(High)

Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on ...

CWE-8622018

CVE-2018-2503

HIGH

CVSS:7.4(High)

By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore version...

CWE-8622018

CVE-2019-13673

HIGH

CVSS:7.4(High)

Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CWE-8622019

CVE-2020-4669

HIGH

CVSS:7.4(High)

IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password...

CWE-8622020

CVE-2023-33983

HIGH

CVSS:7.4(High)

The Introduction Client in Briar through 1.5.3 does not implement out-of-band verification for the public keys of introducees. An introducer can launch man-in-the-middle attacks against later private ...

CWE-8622023

CVE-2024-56070

HIGH

CVSS:7.4(High)

Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through 2.3.3.

CWE-8622024