AVEVA Software, LLC. Security Vulnerabilities

Malicious Process Detection: Potentially Unwanted Software

The md5sum of one or more running process on the remote Windows host matches software known to violate some corporate policies. Verify that the remote processes are authorized in your...

CVE-2006-4349

PHP remote file inclusion vulnerability in ToendaCMS 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tcms_administer_site parameter to an unspecified script, probably index.php. NOTE: this issue has been disputed by a third party, who states that...

Malicious File Detection: Potentially Unwanted Software

The md5sum of one or more files on the remote Windows host matches software known to violate some corporate policies. Verify that the remote files are authorized in your...

Granular Log Collection Guide for SOBR Capacity/Archive Tier Issues

This article documents an advanced granular log collection method designed to minimize the log bundle size when submitting Veeam Support cases for issues related to the capacity tier or archive tier of a Scale-Out Backup...

List Installed Mac OS X Software

This plugin gathers information about all managed / packaged software installed on the remote Mac OS X...

Oracle Installed Software Enumeration (Linux / Unix)

Nessus was able to enumerate installed Oracle software on the remote Linux / Unix...

How to Enable Changed Block Tracking for Guest Cluster on vSphere with Tanzu

Changed Block Tracking is a VMware feature that tracks changes in virtual disks. Veeam Kasten for Kubernetes uses this feature in vSphere with Tanzu Guest Clusters to efficiently backup Persistent...

CVE-2005-4515

SQL injection vulnerability in WebDB 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified search parameters, possibly Search0. NOTE: the vendor has disputed this issue, saying that "WebDB is a generic online database system used by many of the clients of Lois...

Troubleshooting '401 - Unauthorized' or 'x509' Errors When Accessing the Veeam Kasten for Kubernetes Dashboard

Veeam Support Knowledge Base answer to: Troubleshooting '401 - Unauthorized' or 'x509' Errors When Accessing the Veeam Kasten for Kubernetes...

What Data Does Veeam Kasten for Kubernetes Include in the Phone Home Reports

This article documents what data is included in the phone home reports sent by Veeam Kasten for...

IBM Netezza Platform Software Detection (Linux)

Support software for IBM Netezza, a enterprise data warehousing suite, is installed on the remote Linux...

Intel Chipset Device Software Installed (Windows)

Intel Chipset Device Software is installed on the remote Windows...

Exploit for Infinite Loop in Cisco Adaptive Security Appliance Software

CVE-2024-20353-CiscoASAandFTD Exploit for DoS Cisco ASA and...

How to Properly Off-Board a Namespace From Veeam Kasten for Kubernetes Backups

This article documents the procedure to properly off-board a namespace in Veeam Kasten for...

How to ‘Transform’ Multiple Resources with Regex

Veeam Support Knowledge Base answer to: How to ‘Transform’ Multiple Resources with...

How to Connect to an Object Storage Repository via AWS Privatelink / Direct Connect

This article documents how to configure Veeam Backup & Replication to use AWS PrivateLink or AWS Direct Connect for Scale-Out Backup Repository offload to Capacity Tier or Archive...

CVE-2023-2565

A vulnerability has been found in SourceCodester Multi Language Hotel Management Software 1.0 and classified as problematic. This vulnerability affects unknown code of the file ajax.php of the component POST Parameter Handler. The manipulation of the argument complaint_type with the input...

How to Configure EKS Clusters to Use AWS IAM Users/Roles for Veeam Kasten for Kubernetes Access

Follow this guide to provide appropriate Veeam Kasten for Kubernetes role-based access using AWS IAM users or...

Unexpected Snapshot Deletion Failures in the Job Sessions for ONTAP 9.13.1

Due to a change in ONTAP 9.13.1, cloned volumes in this version fall into the recovery queue for 12 hours by default. The parent snapshot receives a 'busy' state and cannot be deleted before the clone leaves the queue and is removed completely from...

How to Collect Logs for Veeam Backup Enterprise Manager

How to Collect Logs for Veeam Backup Enterprise...

Antivirus Exclusions for Veeam Plug-ins for Enterprise Applications

This article documents antivirus exclusions that may be created to reduce the impact that antivirus software has on the functionality of Antivirus Exclusions for Veeam Plug-ins for Enterprise...

How to Collect Logs for Veeam ONE

The article explains how to collect logs for Veeam...

How to Override Volume storageClass During Export

Veeam Support Knowledge Base answer to: How to Override Volume storageClass During...

Debugging Backups with Longhorn CSI

Veeam Support Knowledge Base answer to: Debugging Backups with Longhorn...

Veeam Agent for Linux - veeamsnap and blksnap Extended Linux Distribution Support

This article describesVeeam Agent for Linux support for distribution versions released after the latest release of Veeam Agent for...

OpenX Source Unsupported Software Detection

OpenX Source, an open source ad server application is no longer maintained and is unsupported by the vendor. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security...

Antivirus Exclusions for Veeam Backup & Replication

This article documents antivirus exclusions that may be created to reduce the impact that antivirus software has on the functionality of Veeam Backup &...

VM Loses Connection During Snapshot Removal

During snapshot removal phase of backup or replication job, VM loses connectivity either momentarily or for extended periods of...

Veeam Recovery Media for Linux OS, Workarounds

Veeam Support Knowledge Base answer to: Veeam Recovery Media for Linux OS,...

Veeam Cloud Connect - Compiling Provider/Tenant Logs for Support Cases

Veeam Cloud Connect - Compiling Provider/Tenant Logs for Support...

Veeam Backup & Replication support for VMware vSphere

This article provides VMware vSphere compatibility information for the most recent version of Veeam Backup &...

Detect Unmanaged Software Install Location (Windows)

Locate software that is not managed by standard operating system install techniques. This software is often installed in non-standard directories or packaged with other software. The discovery of this software will allow plugins to determine if the software is vulnerable. Scan settings and how...

Microsoft Windows Start Menu Software Version Enumeration

This plugin enumerates the installed software version by interrogating information obtained from various registry entries and files on disk. This plugin provides a best guess at the software version and a confidence level for that version. Note that the versions detected here do not necessarily...

CVE-2024-35751 WordPress Woody code snippets plugin <= 2.4.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through...

How to restore vCenter Server without a vCenter Server

The vCenter Server is not available and the vCenter Server VM needs to be...

“Cannot change WebPart ExportMode to ‘All’. WebPart will be skipped” - Warning When Performing Backup of SharePoint Sites

To back up Web Parts with the Modern App-Only Authentication method, Veeam Backup for Microsoft 365 requires setting the "Export Mode" property of the web part from "None" to "All" to make this Web Part exportable and available for...

Scale-Out Backup Repository Offload task fails with "There is not enough space on the disk"

Veeam Support Knowledge Base answer to: Scale-Out Backup Repository Offload task fails with "There is not enough space on the...

How-To Export Windows Event Logs

This article provides step-by-step instructions to export Windows events for Veeam...

Dell PowerPath - Veeam Agent for Linux Limitations

If a Linux server has Dell PowerPath devices attached, all the underlying block devices representing the network paths to the server are skipped from processing. This will result in the error "No objects to backup" or PowerPath devices missing from the backup. If non-PowerPath devices are part of.....

Intel Graphics Command Center Service Software May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Graphics Command Center Service software (bundled in some Intel® Graphics Windows DCH driver software), which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential...

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics 2.1.3 and IBM Planning Analytics 2.0.96 by upgrading or removing the vulnerable libraries. Please refer to...

CVE-2024-35751

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through...

CVE-2024-35751 WordPress Woody code snippets plugin <= 2.4.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through...

Security Bulletin: Multiple Vulnerabilities in IBM® SDK, Java™ Technology Java affect IBM Cloud Pak System

Summary Vulnerabilities in IBM Java SDK affect IBM Cloud Pak System. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high...

Datastore Named 'VeeamBackup_' Listed as Inaccessible

The datastore appears "inaccessible" because the ESXi host cannot access the NFS share hosted by the vPower NFS Service on the Mount Server listed in the datastore's name. If no restores are actively utilizing the Veeam vPower NFS feature, the datastore's inaccessible state is expected...

Release Information for Dell PowerStore Plug-In for Veeam Backup & Replication

Release Information for Dell PowerStore Plug-In for Veeam Backup &...

CVE-2024-35751

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through...

Job For .local Domain Fails When Using Ubuntu-base VMware Backup Proxy

This issue occurs because .local is only intended for multicast DNS, and Ubuntu's default configuration prevents the use of .local for unicast DNS. As a result, the Ubuntu-based machine does not contact the network's DNS server when attempting to resolve .local...

Error: Skipping VM processing due to insufficient free disk space on datastore

These alerts are related to the Production Datastore Low Free Space notification settings under General...

CVE-2007-4037

Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers...