PT-2024-9569 · Veeam · Veeam Agent For Linux
Published
2024-09-04
·
Updated
2024-10-19
·
CVE-2024-40709
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Veeam Agent for Linux (affected versions not specified)
Description
A missing authorization vulnerability allows a local low-privileged user on the machine to escalate their privileges to root level. This issue is related to the lack of an authorization procedure in the Veeam Agent for Linux data backup tool.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Veeam Agent For Linux