CVE-2024-29855

critical

Veeam

CVSS v3 Base Score

9.0

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Characteristics

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Confidentiality

High

Integrity

High

Availability

High

Published: June 11, 2024 (703 days ago)

Last Modified: July 14, 2025

Vendor: Veeam

Source: NVD

Description

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator