Design/Logic Flaw

Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the password-recovery secret value is...

CVE-2020-15851

Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories...

CVE-2020-15851

CVE-2020-15851 concerns Nakivo Backup & Replication Transporter (version 9.4.0.r43656). The issue is a lack of access control that allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration through a network-accessible transporter service, with the abili...

CVE-2020-15850

Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the password-recovery secret value is...

CVE-2020-15850

Nakivo Backup & Replication Director 9.4.0.r43656 on Linux exposes insecure permissions: the web app user database and password-recovery secret are readable, enabling local users to access the Nakivo Director web interface and gain root privileges. No remediation details are provided in the suppl...

Using Restore to Microsoft Azure with ExpressRoute or site-to-site VPN connectivity to Azure

Challenge You may use Restore to Microsoft Azure for environments with ExpressRoute or site-to-site VPN connectivity to Azure. When using Azure Restore Proxy Appliance and helper appliances to perform the restore, they must have private IP addresses only. Solution Starting with Veeam Backup &...

Exploit for CVE-2020-1472

CVE-2020-1472 POC The vulnerability can be exploited in a Wi...

mysql: Server: Replication unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...

mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Group Replication GCS unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication GCS. Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Replication unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...

mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...

mysql: Server: Replication unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Group Replication GCS unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication GCS. Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Replication unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...

Azure VMware Solution Support — Considerations and Limitations

Challenge Azure VMware Solution AVS is a VMware Cloud Verified offering that requires specific considerations to work with Veeam Backup & Replication. Aside from the listed instructions and limitations below, you can use AVS with Veeam Backup & Replication like you would any other VMware vSphere...