CVE-2024-40717

A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution RCE by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privilege...

CVE-2024-42455

A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The...

CVE-2024-42456

A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized...

CVE-2024-42453

The CVE-2024-42453 entry concerns Veeam Backup & Replication where low-privileged users can manipulate configurations on connected virtual infrastructure hosts due to improper permission checks in management services. Affected behavior includes powering off virtual machines, deleting storage file...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication. An attacker could exploit the vulnerability to obtain sensitive information...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication 12.2.0.334 and previous versions 12.X. The vulnerability stems from an insufficient blacklist during deserialization, which allows for the deletion of any...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication 12.2.0.334 and previous 12.X versions, which stems from a vulnerability that allows the exposure of saved credentials by leveraging a combination of method...

PT-2024-31482 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials...

Vulnerabilities Resolved in Veeam Backup & Replication 12.3

All vulnerabilities documented in this article were resolved in Veeam Backup & Replication 12.3. Veeam Product Latest Version Download Page Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operat...

Release Information for Veeam Backup & Replication 12.3

Requirements You can check the installed build number in the Veeam Backup & Replication Console's Main Menu ≡ under Help About. Release Information 12.3.2.4465 2026-03-12 Security Vulnerabilities Indicated severity values are CVSS 3.1 scores. CVE-2026-21666 | Severity: Critical 9.9 A vulnerabilit...

How to Disable Boot Prompt in Veeam Agent for Windows Recovery Media

Version Requirement Requires Veeam Agent for Microsoft Windows version 6.3, which is included with Veeam Backup & Replication 12.3. Purpose This article documents how to disable the 'Press any key to boot from CD or DVD... " prompt that appears when booting from the Veeam Agent for Microsoft...

PT-2024-28995 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication affected versions not specified Description: A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution RCE by updating existing jobs. These jobs c...

Veeam Backup and Replication 10.x < 12.2.0.334 Authentication Bypass (November 2024) (KB4682)

The version of Veeam Backup and Replication installed on the remote Windows host is prior to 12.2.0.334. It is, therefore, affected by an authentication bypass vulnerability. Attackers must be able to perform Man-in-the-Middle MITM attack to exploit this vulnerability. Note that Nessus has not...

SUSE-SU-2024:4063-1 Security update for postgresql, postgresql16, postgresql17

This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...

SUSE-SU-2024:4052-1 Security update for postgresql, postgresql16, postgresql17

This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...

Unable to Interact with Some Hypervisors and Cloud Platforms

Veeam Backup & Replication 13.0.1 Upgrade Warning During the upgrade to Veeam Backup & Replication 13.0.1 or higher, the following warning may be displayed: Incompatible backup server certificate The certificate does not support child certificates creation and must be replaced for virtualization...

K000148488: MySQL vulnerabilities CVE-2024-21243 and CVE-2024-21237

Security Advisory Description CVE-2024-21243 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Telemetry. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access...

CVE-2024-40715

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle MITM attack to exploit this vulnerability...

CVE-2024-40715

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle MITM attack to exploit this vulnerability...

CVE-2024-40715

CVE-2024-40715 affects Veeam Backup Enterprise Manager (VBEM) and enables authentication bypass when an attacker can perform a Man-in-the-Middle (MITM) attack. Public writeups in connected documents confirm the vulnerability is tied to VBEM and that exploitation requires MITM conditions. The reme...