Veeam Recovery_orchestrator
3 CVEs affecting Veeam Recovery_orchestrator. Latest disclosed: 2024-06-11. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-29855 | Critical | 9.0 | 2024-06-11 | Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator |
CVE-2024-22022 | High | 8.8 | 2024-02-07 | Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service acco… |
CVE-2024-22021 | Medium | 4.3 | 2024-02-07 | Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a Scope other than the o… |