Veeam ONE Web Client Vulnerability: Unauthorized Access to NTLM Hash

Veeam ONE Web Client Vulnerability: Unauthorized Access to NTLM Hash

CVE-2023-38548 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service.

Learn more about our Web App Pen Testing.