Skip to main content

Disaster Recovery Orchestrator

1 CVEs product

Monthly

CVE-2024-22021 MEDIUM This Month

Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a Scope other than the one they are assigned to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Availability Orchestrator Disaster Recovery Orchestrator Recovery Orchestrator
NVD
CVSS 3.1
4.3
EPSS
0.4%
EPSS 0% CVSS 4.3
MEDIUM This Month

Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role (Plan Author) to retrieve plans from a Scope other than the one they are assigned to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Availability Orchestrator Disaster Recovery Orchestrator +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy