PT-2023-1918

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions 11.0.1.1261 through 12.0.0.1420 Description A flaw exists in the Veeam Backup & Replication software that allows an unauthenticated user with network access to obtain encrypted credentials stored in the...

CVE-2023-27532

Article Applicability This article documents a vulnerability discovered in a core service of Veeam Backup & Replication and Veeam Cloud Connect. This vulnerability does not affect other Veeam products e.g., Veeam Backup for Microsoft 365, Veeam Agent for Microsoft Windows , Veeam ONE, Veeam Servi...

RHEL 7 : rh-mysql80-mysql (RHSA-2023:1102)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1102 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-swift) security update

An update for openstack-swift is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

How to Configure Azure Storage Account to Leverage Immutability with Veeam Backup & Replication

Purpose This article was designed to complement the information available in the Veeam Backup & Replication User Guide, specifically the required storage account and container settings to align with the Azure Blob Storage Immutability Limitations. This article describes the correct options that...

Login Bypass Vulnerability in Nacos

Nacos is an open source project, maintained and contributed code by the community. Nacos suffers from a login bypass vulnerability that can be exploited by an attacker to copy successful login packets and log in other users...

Task fails with "Repository is not compatible with Catalyst Store with fixed block setting enabled"

Challenge A Veeam Backup & Replication job targeting a StoreOnce Repository backed by a Catalyst Store that has Fixed Block Chunking enabled fails with either of the following errors: Repository is not compatible with Catalyst Store with fixed block setting enabled Error:...

K16385: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2013-5894 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. CVE-2013-5881 Unspecified vulnerability in the MySQL Server...

K70204455: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2016-0640 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier allows local users to affect integrity and availability via vectors related to DML. CVE-2016-0642 Unspecified vulnerability in Oracle MySQL 5.5.48 a...

K10587158: MySQL vulnerability CVE-2016-8284

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication. CVE-2016-8284 Impact There is no impact; F5 products are not affected by this vulnerability...

K41346123: MySQL vulnerability CVE-2016-8287

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. CVE-2016-8287 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

K92307453: MySQL Server Replication vulnerabilities CVE-2017-3647 and CVE-2017-3649

Security Advisory Description CVE-2017-3647 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with...

K63314101: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2022-21451 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...

Release Information for Veeam Backup & Replication 12 Day 0 Update

Update Applicability This "Day 0" update for Veeam Backup & Replication 12 is strictly intended for servers using the RTM release build 12.0.0.14 02. If Veeam Backup & Replication 12 GA build 12.0.0.14 20 is installed, this update can be ignored as it is not needed. All resolved issues listed in...

SUSE CVE-2005-2174

Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete...

SUSE CVE-2011-0822

Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

SUSE CVE-2012-1190

Cross-site scripting XSS vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name...

SUSE CVE-2012-3197

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication...

SUSE CVE-2012-4414

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to t...

SUSE CVE-2013-0375

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication...