CVE-2024-40710

A series of related high-severity vulnerabilities, the most notable enabling remote code execution RCE as the service account and extraction of sensitive information savedcredentials and passwords. Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within...

CVE-2024-40713

A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication MFA settings and bypass MFA...

CVE-2024-42019

A vulnerability that allows an attacker to access the NTLM hash of the Veeam Reporter Service service account. This attack requires user interaction and data collected from Veeam Backup & Replication...

CVE-2024-40710

CVE-2024-40710 affects Veeam Backup & Replication (12.x and earlier). The core issue is a set of high-severity vulnerabilities allowing a low-privileged user to cause remote code execution as the service account and to extract saved credentials/passwords. The CVE is documented with a high impact ...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication version 12.1.2.172 and prior versions 12, which stems from a vulnerability that allows a user with a low-privilege role assigned in Veeam Backup &...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication version 12.1.2.172 and prior versions 12, which stems from the inclusion of a remote code execution vulnerability...

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication version 12.1.2.172 and prior versions 12, which stems from the inclusion of an untrusted data deserialization issue that could lead to remote code executio...

Veeam Backup and Replication 12.x < 12.2.0.334 Multiple Vulnerabilities (September 2024) (KB4649)

The version of Veeam Backup and Replication installed on the remote Windows host is 12.x prior to 12.2.0.334. It is, therefore, affected by multiple vulnerabilities, including: - A vulnerability allowing unauthenticated remote code execution RCE. CVE-2024-40711 - A vulnerability that allows a use...

PT-2024-5903

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions prior to 12.2.0.334 Description Veeam Backup & Replication is affected by a critical deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution RCE. This flaw,...

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3082-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-9564 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication affected versions not specified Description: An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore...

PT-2024-9557 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication affected versions not specified Description: The issue is related to an improper input validation vulnerability. This vulnerability allows a low-privileged user to remotely remove files on the system with permission...

PT-2024-9558 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication affected versions not specified Description: A vulnerability exists that allows a user with a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication MFA settings and bypass MFA...

Veeam Backup & Replication Install Fails with: "A later version of Veeam Explorer for Microsoft Exchange is already installed."

Challenge When attempting to install Veeam Backup & Replication version 12.1, 12.2, or 12.3 on a machine where Veeam Backup for Microsoft 365 version 8 is already installed, the Veeam Backup & Replication install fails with the error: A later version of Veeam Explorer for Microsoft Exchange is...

Release Information for IBM FlashSystem Plug-In for Veeam Backup & Replication

This plug-in leverages the Veeam Universal Storage API, which enables storage OEMs to allow Veeam Backup & Replication integration to the arrays for backup and replication jobs. Requirements Before installing IBM FlashSystem Plug-In v2.3.80, ensure that you are running at least Veeam Backup &...

Release Information for Veeam Backup & Replication 12.2

This update was superseded by Veeam Backup & Replication 12.3. Release Information 12.2.0.334 2024-08-28 Release Information Release Notes What's New ISO Release History Previously released files are not publicly available for download. Mouse-over or tap the filenames in the table to view a file'...

Veeam Backup & Replication 12.1.2 Compatibility with vSphere 8.0 U3

Update 2025-03-31 The "Automatic vCLS VM Exclusion" limitation detailed below was resolved starting in Veeam Backup & Replication 12.2. The NSX-T 4.2 support limitation detailed below was resolved, and NSX-T 4.2.1 is supported fully starting in Veeam Backup & Replication 12.3.1. Support Statement...

PT-2024-9559 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication affected versions not specified Description: A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over...

PT-2024-9471 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication affected versions not specified Description: A vulnerability in the Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration...

PT-2024-9517 · Veeam · Veeam Backup & Replication

Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication versions prior to 12.2 Description: A vulnerability in Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability...