AVEVA Software, LLC. Security Vulnerabilities

Resolving Pending State During Cluster Removal with k10multicluster Tool

This article helps in finding and deleting long-running finalizers that are waiting on other resources and can cause deletions to appear stuck in terminating...

How to Configure Veeam Intelligent Diagnostics Log Location

This article documents how to change the location where Veeam Intelligent Diagnostics stores the logs it collects—allowing customers to configure both where those logs are stored temporarily on the Veeam Backup Server before being transferred to the Veeam ONE server and where those logs are stored....

Veeam Recovery Media for Linux OS, Workarounds

Veeam Support Knowledge Base answer to: Veeam Recovery Media for Linux OS,...

Troubleshooting '401 - Unauthorized' or 'x509' Errors When Accessing the Veeam Kasten for Kubernetes Dashboard

Veeam Support Knowledge Base answer to: Troubleshooting '401 - Unauthorized' or 'x509' Errors When Accessing the Veeam Kasten for Kubernetes...

What Data Does Veeam Kasten for Kubernetes Include in the Phone Home Reports

This article documents what data is included in the phone home reports sent by Veeam Kasten for...

Scale-Out Backup Repository Offload task fails with "There is not enough space on the disk"

Veeam Support Knowledge Base answer to: Scale-Out Backup Repository Offload task fails with "There is not enough space on the...

How-To Export Windows Event Logs

This article provides step-by-step instructions to export Windows events for Veeam...

Veeam Agent for Linux - veeamsnap and blksnap Extended Linux Distribution Support

This article describesVeeam Agent for Linux support for distribution versions released after the latest release of Veeam Agent for...

How to Connect to an Object Storage Repository via AWS Privatelink / Direct Connect

This article documents how to configure Veeam Backup & Replication to use AWS PrivateLink or AWS Direct Connect for Scale-Out Backup Repository offload to Capacity Tier or Archive...

Datastore Named 'VeeamBackup_' Listed as Inaccessible

The datastore appears "inaccessible" because the ESXi host cannot access the NFS share hosted by the vPower NFS Service on the Mount Server listed in the datastore's name. If no restores are actively utilizing the Veeam vPower NFS feature, the datastore's inaccessible state is expected...

Release Information for Dell PowerStore Plug-In for Veeam Backup & Replication

Release Information for Dell PowerStore Plug-In for Veeam Backup &...

How to Properly Off-Board a Namespace From Veeam Kasten for Kubernetes Backups

This article documents the procedure to properly off-board a namespace in Veeam Kasten for...

How to ‘Transform’ Multiple Resources with Regex

Veeam Support Knowledge Base answer to: How to ‘Transform’ Multiple Resources with...

Oracle Installed Software Enumeration (Linux / Unix)

Nessus was able to enumerate installed Oracle software on the remote Linux / Unix...

Veeam Backup & Replication support for VMware vSphere

This article provides VMware vSphere compatibility information for the most recent version of Veeam Backup &...

Unexpected Snapshot Deletion Failures in the Job Sessions for ONTAP 9.13.1

Due to a change in ONTAP 9.13.1, cloned volumes in this version fall into the recovery queue for 12 hours by default. The parent snapshot receives a 'busy' state and cannot be deleted before the clone leaves the queue and is removed completely from...

How to Configure EKS Clusters to Use AWS IAM Users/Roles for Veeam Kasten for Kubernetes Access

Follow this guide to provide appropriate Veeam Kasten for Kubernetes role-based access using AWS IAM users or...

Job For .local Domain Fails When Using Ubuntu-base VMware Backup Proxy

This issue occurs because .local is only intended for multicast DNS, and Ubuntu's default configuration prevents the use of .local for unicast DNS. As a result, the Ubuntu-based machine does not contact the network's DNS server when attempting to resolve .local...

Error: Skipping VM processing due to insufficient free disk space on datastore

These alerts are related to the Production Datastore Low Free Space notification settings under General...

Cisco Integrated Management Controller Web-Based Management Interface Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root. This...

“Cannot change WebPart ExportMode to ‘All’. WebPart will be skipped” - Warning When Performing Backup of SharePoint Sites

To back up Web Parts with the Modern App-Only Authentication method, Veeam Backup for Microsoft 365 requires setting the "Export Mode" property of the web part from "None" to "All" to make this Web Part exportable and available for...

Cisco Integrated Management Controller CLI Command Injection Vulnerability

A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or...

Dell PowerPath - Veeam Agent for Linux Limitations

If a Linux server has Dell PowerPath devices attached, all the underlying block devices representing the network paths to the server are skipped from processing. This will result in the error "No objects to backup" or PowerPath devices missing from the backup. If non-PowerPath devices are part of.....

How to Collect Logs for Veeam Backup Enterprise Manager

How to Collect Logs for Veeam Backup Enterprise...

Antivirus Exclusions for Veeam Plug-ins for Enterprise Applications

This article documents antivirus exclusions that may be created to reduce the impact that antivirus software has on the functionality of Antivirus Exclusions for Veeam Plug-ins for Enterprise...

How to Collect Logs for Veeam ONE

The article explains how to collect logs for Veeam...

JA4+ - Suite Of Network Fingerprinting Standards

JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session.....

Intel Chipset Device Software Installed (Windows)

Intel Chipset Device Software is installed on the remote Windows...

Detect Unmanaged Software Install Location (Windows)

Locate software that is not managed by standard operating system install techniques. This software is often installed in non-standard directories or packaged with other software. The discovery of this software will allow plugins to determine if the software is vulnerable. Scan settings and how...

Increase in API Calls when Performing Direct Backups to Immutable Object Storage

This situation is caused by the way in which backup file immutability is maintained when using Immutable Object Storage as a primary backup destination. Block Generations are used to extend the immutability of groups of backup files in periodic...

HP Application Enabling Software Driver - Privileged File Overwrite

A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. Mitigation is available in HP Application...

Veeam Backup & Replication Upgrade Paths

Veeam Backup & Replication Upgrade...

Veeam Cloud Connect - Compiling Provider/Tenant Logs for Support Cases

Veeam Cloud Connect - Compiling Provider/Tenant Logs for Support...

Security Bulletin: A vulnerability in the GUI affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary The certificate for a remote system in a policy-based replication partnership is not correctly validated in the GUI on IBM Storage Virtualize products. Vulnerability Details ** CVEID: CVE-2023-47700 DESCRIPTION: **IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage...

Antivirus Exclusions for Veeam Backup & Replication

This article documents antivirus exclusions that may be created to reduce the impact that antivirus software has on the functionality of Veeam Backup &...

VM Loses Connection During Snapshot Removal

During snapshot removal phase of backup or replication job, VM loses connectivity either momentarily or for extended periods of...

How to restore vCenter Server without a vCenter Server

The vCenter Server is not available and the vCenter Server VM needs to be...

CVE-2024-31744

In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image...

CVE-2024-35751

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through...

Backup fails with "Invalid argument Asynchronous request operation has failed. Failed to open storage for read/write access"

This error occurs when the storage device is formatted with a 4k logical block size and the Veeam Data Mover Service does not have sufficient permissions to determine the logical block...

'Events data collection failure' Issue

This article provides guidance to troubleshooting Veeam Backup and Replication/Hyper-V event collection...

CVE-2024-35751 WordPress Woody code snippets plugin <= 2.4.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through...

CVE-2024-35751 WordPress Woody code snippets plugin <= 2.4.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through...

CVE-2024-35751

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This issue affects Woody ad snippets: from n/a through...

How to Configure PXE Booting of Veeam Agent for Linux Recovery Media

This article documents how to configure Linux to PXE boot the Veeam Agent for Linux Recovery Media over a...

VSS Snapshot Creation Delay on Server with DFSR Enabled

When preparing the DFS VSS writer for backup, the Veeam Agent gets into a recursion while checking the files in the scope of the DFS...

How to use Veeam Backup for Nutanix AHV/Veeam Backup for Red Hat Virtualization Proxy with Internal CA Certificates

By default, these components are only aware of publicly available Certification Authorities. If an Internal CA is used to sign the Cluster or Veeam Backup & Replication certificate, these components will fail to verify the certificate, and communication will...

File Level Restore - FUSE mount is not supported on kernel versions 4.0.0-4.1.33.

Recovery from backup on a machine running Linux kernel of one of versions 4.0.0-4.1.33 typically fails with ‘FUSE mount is not supported on kernel versions 4.0.0-4.1.33. Upgrade the kernel and try...

Error: Backup proxy is missing C++ runtime components

This error occurs when the VDDK libraries on the VMware Backup Proxy could not be...

Veeam Repair/Reinstall/Update fails with "The following SQL database patches are missed"

When attempting to repair, reinstall, or update Veeam Backup & Replication the process may fail with "The following SQL database patches are missed." This article discusses the cause and effective methods to work around this...