ATTACK [PTsecurity] Veeam Backup Manager Authentication Bypass (CVE-2024-29849)

SID: 10011481Rev: 133 views
History
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] Veeam Backup Manager Authentication Bypass (CVE-2024-29849)"; flow:established, from_server; http.response_body; content:"RequestSecurityTokenResponse"; content:"urn:oasis:names:tc:SAML:2.0:assertion"; distance:0; content:"<Code>"; distance:0; content:"status/valid"; distance:0; xbits:isset, CVE-2024-29849.POST, track ip_src; reference:cve, 2024-29849; reference:url, summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10011481; rev:1;)

References

cve2024-29849
urlsummoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!