430 matches found
Potential Issue With Backing up Sharepoint, Onedrive, Teams Files, and List Attachments
Challenge Backup of SharePoint, OneDrive, and Teams data completes successfully, and subsequent restores of this protected data are successful. However, when opening some of the restored files or list attachments, users may find that these items do not open correctly in their associated...
EUVD-2024-41710
Malicious code in bioql PyPI...
Connection to Veeam Software Appliance Fails With: "Authentication failed: invalid credentials"
Challenge When attempting to use local account credentials to connect to a Veeam Software Appliance that is joined to a domain, the Console fails to connect with the errror: Authentication failed: invalid credentials Cause This error occurs due to an account collision caused by the...
CVE-2024-29852
Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs...
Critical Veeam Vulnerabilities Allow Remote Code Execution – Update Now
SUMMARY Veeam, a leading provider of backup, recovery, and data management solutions, has issued urgent security updates to…...
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
Veeam has released security updates to address a critical flaw impacting Service Provider Console VSPC that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted...
CVE-2024-42452
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability...
CVE-2024-42455
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The...
Veeam Service Provider Console Vulnerability (CVE-2024-42448 | CVE-2024-42449)
Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operate a Vulnerability Disclosure Program VDP for all Veeam products and perform extensive internal code audits. When a vulnerability is...
Vulnerabilities Resolved in Veeam Backup & Replication 12.3
All vulnerabilities documented in this article were resolved in Veeam Backup & Replication 12.3. Veeam Product Latest Version Download Page Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operat...
Unable to Interact with Some Hypervisors and Cloud Platforms
Veeam Backup & Replication 13.0.1 Upgrade Warning During the upgrade to Veeam Backup & Replication 13.0.1 or higher, the following warning may be displayed: Incompatible backup server certificate The certificate does not support child certificates creation and must be replaced for virtualization...
CVE-2024-40715
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle MITM attack to exploit this vulnerability...
Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715)
Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operate a Vulnerability Disclosure Program VDP for all Veeam products and perform extensive internal code audits. When a vulnerability is...
Veeam Backup and Replication Deserialization Vulnerability
Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution...
Veeam B&R RCE vulnerability CVE-2024-40711 is exploited in attacks
Veeam B &R RCE vulnerability CVE-2024-40711is exploited in attacks. On September 24, there were no signs of this vulnerability being exploited in the wild. And on October 10, Sophos X-Ops reported that they had observed a series of attacks exploiting this vulnerability over the course of a month...
Error occurred during certificate processing. — Upgrade Veeam Backup Enterprise Manager Error
Challenge When attempting to upgrade an existing Veeam Backup Enterprise Manager deployment to version 12.2, the installer fails, displaying the error: Error occurred during certificate processing. Cause This error occurs when the TLS certificate used for REST API doesn't specify a certificate...
How to Upgrade PostgreSQL 12 used by Veeam Backup for Salesforce
Purpose This article documents the procedure for upgrading the PostgreSQL v12 deployment before upgrading Veeam Backup for Salesforce. Cause Starting in Veeam Backup for Salesforce v3, PostgreSQL v12 is no longer supported. Solution Before beginning the Veeam Backup for Salesforce upgrade, whethe...
How to Reset Account Lockout for 'Managed Hardened Repository ISO by Veeam'
Purpose This article documents how to unlock the accounts used with the Managed Hardened Repository ISO by Veeam, veeamsvc or vhradmin, when they become locked out. The Managed Hardened Repository ISO by Veeam deploys Rocky Linux with the DISA STIG security profile, which utilizes faillock to loc...
Multiple Vulnerabilities in Veeam Backup & Replication
On Wednesday, September 4, 2024, backup and recovery software provider Veeam released their September security bulletin disclosing various vulnerabilities in Veeam products. One of the higher-severity vulnerabilities included in the bulletin is CVE-2024-40711, a critical unauthenticated remote co...
New Veeam Vulnerability Puts Thousands of Backup Servers at Risk – PATCH NOW!
A critical vulnerability CVE-2024-40711 in Veeam Backup & Replication software allows attackers to gain full control without authentication.…...