How severe is CVE-2024-45206?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Veeam Service Provider Console

CVE-2024-45206

A vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbitrary HTTP requests to arbitrary hosts of the network and get information about internal resources.

EPSS: 0.004 (60.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N.

Affected products

Veeam Service Provider Console — versions 8.0

References

www.veeam.com/kb4649

Frequently asked questions

What is CVE-2024-45206?: CVE-2024-45206 is a medium-severity vulnerability in Veeam Service Provider Console. CVSS score: 6.5/10. Published 2024-12-04.
How severe is CVE-2024-45206?: Medium severity. CVSS v3 base score is 6.5 out of 10.