Vulnerabilities related to veeam - veeam_backup_\&_replication
Vulnerability from fkie_nvd
Published
2020-07-03 11:15
Modified
2024-11-21 05:05
Severity ?
Summary
VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://zwclose.github.io/veeamon | Exploit, Technical Description, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://zwclose.github.io/veeamon | Exploit, Technical Description, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
veeam | veeam_availability_suite | * | |
veeam | veeam_backup_\&_replication | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:veeam:veeam_availability_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "27486AF3-4E86-4ABC-B227-518697CB022E", "versionEndExcluding": "10.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FAF796D-3A88-4D85-B1EC-97919DE740DC", "versionEndExcluding": "10.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup \u0026 Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests." }, { "lang": "es", "value": "La biblioteca VeeamFSR.sys en Veeam Availability Suite versiones anteriores a 10 y Veeam Backup \u0026amp; Replication versiones anteriores a 10, no posee una DACL de objeto de dispositivo, lo que permite a usuarios no privilegiados alcanzar un control total sobre las peticiones I/O del sistema de archivos" } ], "id": "CVE-2020-15518", "lastModified": "2024-11-21T05:05:41.033", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": 
"UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-07-03T11:15:10.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Technical Description", "Third Party Advisory" ], "url": "https://zwclose.github.io/veeamon" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Technical Description", "Third Party Advisory" ], "url": "https://zwclose.github.io/veeamon" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-862" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-03-17 21:15
Modified
2025-02-03 16:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://veeam.com | Vendor Advisory | |
cve@mitre.org | https://www.veeam.com/kb4288 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4288 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
veeam | veeam_backup_\&_replication | * | |
veeam | veeam_backup_\&_replication | * | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 |
{ "cisaActionDue": "2023-01-03", "cisaExploitAdd": "2022-12-13", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Veeam Backup \u0026 Replication Remote Code Execution Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "837D781D-E21B-458C-8D4A-59949CE4D580", "versionEndExcluding": "10.0.1.4854", "versionStartIncluding": "10.0.0.4442", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD0C1BCB-A018-4425-AC3D-0CE6EAEF372F", "versionEndExcluding": "11.0.1.1261", "versionStartIncluding": "11.0.0.825", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:-:*:*:*:*:*:*", "matchCriteriaId": "12E8F01F-4E41-46F0-94BC-DD5174DDF393", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20201202:*:*:*:*:*:*", "matchCriteriaId": "E0417823-7418-4294-BE57-0304772DFE39", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20210609:*:*:*:*:*:*", "matchCriteriaId": "06BE9B78-075C-48E6-817A-5E0A89983EBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*", "matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*", "matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*", "matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Veeam Backup \u0026 Replication 10.x and 11.x has Incorrect 
Access Control (issue 1 of 2)." }, { "lang": "es", "value": "Veeam Backup \u0026amp; Replication versiones 10.x y 11.x, presenta un Control de Acceso Incorrecto (problema 1 de 2)" } ], "id": "CVE-2022-26501", "lastModified": "2025-02-03T16:15:32.400", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-03-17T21:15:08.233", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://veeam.com" }, { "source": "cve@mitre.org", "tags": [ 
"Vendor Advisory" ], "url": "https://www.veeam.com/kb4288" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://veeam.com" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.veeam.com/kb4288" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-10 22:15
Modified
2025-01-28 22:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
References
Source | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://www.veeam.com/kb4424 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4424 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 12.0.0.1420 |
{ "cisaActionDue": "2023-09-12", "cisaExploitAdd": "2023-08-22", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Veeam Backup \u0026 Replication Cloud Connect Missing Authentication for Critical Function Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:*:*:*:*:*:*:*", "matchCriteriaId": "4AC06A80-CAA8-45A4-BCA3-A36D56F70B39", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*", "matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*", "matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*", "matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20220302:*:*:*:*:*:*", "matchCriteriaId": "0F5A2E58-F9C3-4A65-A83B-C86C970A01D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:12.0.0.1420:-:*:*:*:*:*:*", "matchCriteriaId": "CA570EC1-4A95-4AD3-8E8C-087769F95F02", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vulnerability in Veeam Backup \u0026 Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts." 
} ], "id": "CVE-2023-27532", "lastModified": "2025-01-28T22:15:14.430", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2023-03-10T22:15:10.557", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://www.veeam.com/kb4424" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.veeam.com/kb4424" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "support@hackerone.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-06-30 15:15
Modified
2024-11-21 06:12
Severity ?
Summary
Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://www.veeam.com/kb4126 | Release Notes, Vendor Advisory | |
cve@mitre.org | https://www.veeam.com/kb4180 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4126 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4180 | Release Notes, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
veeam | veeam_backup_\&_replication | * | |
veeam | veeam_backup_\&_replication | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "222F0382-0C41-4AF1-83E6-217CFDC6B148", "versionEndExcluding": "10.0.1.4854", "versionStartIncluding": "10.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "63AE8555-9E8A-4BB3-8DFC-4596A648CD11", "versionEndExcluding": "11.0.0.837", "versionStartIncluding": "11.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting." }, { "lang": "es", "value": "Veeam Backup and Replication versiones 10 anteriores a 10.0.1.4854 P20210609 y versiones 11 anteriores a 11.0.0.837 P20210507, maneja inapropiadamente la deserializaci\u00f3n durante el remoting de Microsoft .NET" } ], "id": "CVE-2021-35971", "lastModified": "2024-11-21T06:12:51.877", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-06-30T15:15:10.563", "references": [ { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.veeam.com/kb4126" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.veeam.com/kb4180" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.veeam.com/kb4126" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.veeam.com/kb4180" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-03-17 21:15
Modified
2025-02-03 16:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x, and 11.x allows remote authenticated users to access internal API functions that allow attackers to upload and execute arbitrary code.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://veeam.com | Vendor Advisory | |
cve@mitre.org | https://www.veeam.com/kb4288 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4288 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
veeam | veeam_backup_\&_replication | * | |
veeam | veeam_backup_\&_replication | * | |
veeam | veeam_backup_\&_replication | 9.5.0.1536 | |
veeam | veeam_backup_\&_replication | 9.5.4.2615 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 |
{ "cisaActionDue": "2023-01-03", "cisaExploitAdd": "2022-12-13", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Veeam Backup \u0026 Replication Remote Code Execution Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "837D781D-E21B-458C-8D4A-59949CE4D580", "versionEndExcluding": "10.0.1.4854", "versionStartIncluding": "10.0.0.4442", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD0C1BCB-A018-4425-AC3D-0CE6EAEF372F", "versionEndExcluding": "11.0.1.1261", "versionStartIncluding": "11.0.0.825", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:9.5.0.1536:*:*:*:*:*:*:*", "matchCriteriaId": "3BC7D0C1-0A10-4704-B8A0-ADFB8B2BA1BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:9.5.4.2615:*:*:*:*:*:*:*", "matchCriteriaId": "1D5BA0C4-F689-4B0E-BBB5-051DEDF40721", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:-:*:*:*:*:*:*", "matchCriteriaId": "12E8F01F-4E41-46F0-94BC-DD5174DDF393", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20201202:*:*:*:*:*:*", "matchCriteriaId": "E0417823-7418-4294-BE57-0304772DFE39", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20210609:*:*:*:*:*:*", "matchCriteriaId": "06BE9B78-075C-48E6-817A-5E0A89983EBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*", "matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*", "matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*", "matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper limitation of path names in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code." }, { "lang": "es", "value": "Una limitaci\u00f3n inapropiada de los nombres de las rutas en Veeam Backup \u0026amp; Replication versiones 9.5U3, 9.5U4,10.x y 11.x, permite a usuarios remotos autenticados acceder a funciones internas de la API que permiten a atacantes cargar y ejecutar c\u00f3digo arbitrario" } ], "id": "CVE-2022-26500", "lastModified": "2025-02-03T16:15:32.213", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", 
"attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-03-17T21:15:08.193", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://veeam.com" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.veeam.com/kb4288" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://veeam.com" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.veeam.com/kb4288" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2022-03-17 21:15
Modified
2024-11-21 06:54
Severity ?
Summary
Improper authentication in the Veeam Backup & Replication 9.5U3, 9.5U4, 10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers to execute arbitrary code via Veeam.Backup.PSManager.exe.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://veeam.com | Vendor Advisory | |
cve@mitre.org | https://www.veeam.com/kb4290 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://veeam.com | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.veeam.com/kb4290 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
veeam | veeam_backup_\&_replication | * | |
veeam | veeam_backup_\&_replication | * | |
veeam | veeam_backup_\&_replication | 9.5.0.1536 | |
veeam | veeam_backup_\&_replication | 9.5.4.2615 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 10.0.1.4854 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 | |
veeam | veeam_backup_\&_replication | 11.0.1.1261 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "837D781D-E21B-458C-8D4A-59949CE4D580", "versionEndExcluding": "10.0.1.4854", "versionStartIncluding": "10.0.0.4442", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD0C1BCB-A018-4425-AC3D-0CE6EAEF372F", "versionEndExcluding": "11.0.1.1261", "versionStartIncluding": "11.0.0.825", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:9.5.0.1536:*:*:*:*:*:*:*", "matchCriteriaId": "3BC7D0C1-0A10-4704-B8A0-ADFB8B2BA1BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:9.5.4.2615:*:*:*:*:*:*:*", "matchCriteriaId": "1D5BA0C4-F689-4B0E-BBB5-051DEDF40721", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:-:*:*:*:*:*:*", "matchCriteriaId": "12E8F01F-4E41-46F0-94BC-DD5174DDF393", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20201202:*:*:*:*:*:*", "matchCriteriaId": "E0417823-7418-4294-BE57-0304772DFE39", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20210609:*:*:*:*:*:*", "matchCriteriaId": "06BE9B78-075C-48E6-817A-5E0A89983EBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:10.0.1.4854:p20220304:*:*:*:*:*:*", "matchCriteriaId": "0209ABC3-BF7B-4051-A836-9F9A650B3582", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*", "matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*", "matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*", "matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50", "vulnerable": true }, { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:11.0.1.1261:p20220302:*:*:*:*:*:*", "matchCriteriaId": "0F5A2E58-F9C3-4A65-A83B-C86C970A01D2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper authentication in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe" }, { "lang": "es", "value": "Una autenticaci\u00f3n inapropiada en Veeam Backup \u0026amp; Replication versiones 9.5U3, 9.5U4,10.x y 11.x, componente usado para Microsoft System Center Virtual Machine Manager (SCVMM) permite a atacantes ejecutar c\u00f3digo arbitrario por medio del archivo Veeam.Backup.PSManager.exe" } ], "id": "CVE-2022-26504", "lastModified": "2024-11-21T06:54:04.620", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-03-17T21:15:08.273", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://veeam.com" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.veeam.com/kb4290" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://veeam.com" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.veeam.com/kb4290" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-10-16 20:59
Modified
2024-11-21 02:33
Severity ?
Summary
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
veeam | veeam_backup_\&_replication | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EF6BD83-42F2-4EA9-8291-7D15338367C5", "versionEndIncluding": "8.0.0.2030", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "VeeamVixProxy in Veeam Backup \u0026 Replication (B\u0026R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files." }, { "lang": "es", "value": "VeeamVixProxy en Veeam Backup \u0026 Replication (B\u0026R) en versiones anteriores a 8.0 update 3 almacena credenciales de administrador local en archivos de log con permisos de lectura para todos, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de archivos." } ], "id": "CVE-2015-5742", "lastModified": "2024-11-21T02:33:45.420", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-10-16T20:59:12.590", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Oct/44" }, { "source": "cve@mitre.org", "url": 
"http://www.securityfocus.com/archive/1/536647/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.veeam.com/kb2068" }, { "source": "cve@mitre.org", "url": "https://www.veeam.com/kb2180" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Oct/44" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.veeam.com/kb2068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.veeam.com/kb2180" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-09-07 17:15
Modified
2024-12-20 16:35
Summary
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
References
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | https://www.veeam.com/kb4649 | Vendor Advisory | |
134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/ | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
veeam | veeam_backup_\&_replication | * |
{ "cisaActionDue": "2024-11-07", "cisaExploitAdd": "2024-10-17", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Veeam Backup and Replication Deserialization Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:veeam:veeam_backup_\\\u0026_replication:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3AD538F-6D77-4528-9BD8-C06E1CD65354", "versionEndExcluding": "12.2.0.334", "versionStartIncluding": "12.0.0.1420", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE)." }, { "lang": "es", "value": "Una vulnerabilidad de deserializaci\u00f3n de datos no confiables con un payload malicioso puede permitir una ejecuci\u00f3n remota de c\u00f3digo no autenticada (RCE)." 
} ], "id": "CVE-2024-40711", "lastModified": "2024-12-20T16:35:59.103", "metrics": { "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "support@hackerone.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-09-07T17:15:13.260", "references": [ { "source": "support@hackerone.com", "tags": [ "Vendor Advisory" ], "url": "https://www.veeam.com/kb4649" }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/" } ], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
cve-2020-15518
Vulnerability from cvelistv5
Published
2020-07-03 10:58
Modified
2024-08-04 13:15
Summary
VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests.
References
URL | Tags |
---|---|
https://zwclose.github.io/veeamon | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:15:20.723Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://zwclose.github.io/veeamon" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup \u0026 Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-07-03T10:58:45", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://zwclose.github.io/veeamon" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-15518", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup \u0026 Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://zwclose.github.io/veeamon", "refsource": "MISC", "url": "https://zwclose.github.io/veeamon" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-15518", "datePublished": "2020-07-03T10:58:45", "dateReserved": "2020-07-03T00:00:00", "dateUpdated": "2024-08-04T13:15:20.723Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-26500
Vulnerability from cvelistv5
Published
2022-03-17 20:56
Modified
2025-02-03 15:27
Summary
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x, and 11.x allows remote authenticated users access to internal API functions that allow attackers to upload and execute arbitrary code.
References
URL | Tags |
---|---|
https://veeam.com | x_refsource_MISC |
https://www.veeam.com/kb4288 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:03:33.156Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://veeam.com" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.veeam.com/kb4288" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-26500", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-03T14:08:12.923583Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2022-12-13", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-26500" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-03T15:27:52.201Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper limitation of path names in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute 
arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-17T20:56:44.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://veeam.com" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.veeam.com/kb4288" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-26500", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper limitation of path names in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://veeam.com", "refsource": "MISC", "url": "https://veeam.com" }, { "name": "https://www.veeam.com/kb4288", "refsource": "MISC", "url": "https://www.veeam.com/kb4288" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-26500", "datePublished": "2022-03-17T20:56:44.000Z", "dateReserved": "2022-03-06T00:00:00.000Z", "dateUpdated": "2025-02-03T15:27:52.201Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-26504
Vulnerability from cvelistv5
Published
2022-03-17 20:48
Modified
2024-08-03 05:03
Summary
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers to execute arbitrary code via Veeam.Backup.PSManager.exe.
References
URL | Tags |
---|---|
https://veeam.com | x_refsource_MISC |
https://www.veeam.com/kb4290 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:03:32.953Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://veeam.com" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.veeam.com/kb4290" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper authentication in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-17T20:51:27", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://veeam.com" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.veeam.com/kb4290" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-26504", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper authentication in Veeam Backup \u0026 Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { 
"reference_data": [ { "name": "https://veeam.com", "refsource": "MISC", "url": "https://veeam.com" }, { "name": "https://www.veeam.com/kb4290", "refsource": "MISC", "url": "https://www.veeam.com/kb4290" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-26504", "datePublished": "2022-03-17T20:48:29", "dateReserved": "2022-03-06T00:00:00", "dateUpdated": "2024-08-03T05:03:32.953Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-5742
Vulnerability from cvelistv5
Published
2015-10-16 20:00
Modified
2024-08-06 06:59
Summary
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files.
References
URL | Tags |
---|---|
http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html | x_refsource_MISC |
https://www.veeam.com/kb2180 | x_refsource_CONFIRM |
http://seclists.org/fulldisclosure/2015/Oct/44 | mailing-list, x_refsource_FULLDISC |
http://www.securityfocus.com/archive/1/536647/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
http://www.veeam.com/kb2068 | x_refsource_CONFIRM |
http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:59:04.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.veeam.com/kb2180" }, { "name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2015/Oct/44" }, { "name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.veeam.com/kb2068" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-08T00:00:00", "descriptions": [ { "lang": "en", "value": "VeeamVixProxy in Veeam Backup \u0026 Replication (B\u0026R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.veeam.com/kb2180" }, { "name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2015/Oct/44" }, { "name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.veeam.com/kb2068" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-5742", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "VeeamVixProxy in Veeam Backup \u0026 Replication (B\u0026R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html" }, { "name": "https://www.veeam.com/kb2180", "refsource": "CONFIRM", "url": "https://www.veeam.com/kb2180" }, { "name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Oct/44" }, { "name": "20151008 Veeam Backup \u0026 Replication Local Privilege Escalation Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/536647/100/0/threaded" }, { "name": "http://www.veeam.com/kb2068", "refsource": "CONFIRM", "url": "http://www.veeam.com/kb2068" }, { "name": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/", "refsource": "MISC", "url": "http://www.ush.it/2015/10/08/veeam-backup-replication-6-7-8-local-privilege-escalation-vulnerability/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-5742", "datePublished": "2015-10-16T20:00:00", "dateReserved": "2015-08-05T00:00:00", "dateUpdated": "2024-08-06T06:59:04.309Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-26501
Vulnerability from cvelistv5
Published
2022-03-17 20:28
Modified
2025-02-03 15:37
Summary
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).
References
URL | Tags |
---|---|
https://veeam.com | x_refsource_MISC |
https://www.veeam.com/kb4288 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:03:32.966Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://veeam.com" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.veeam.com/kb4288" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-26501", "options": [ { "Exploitation": "active" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-03T14:08:49.677711Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2022-12-13", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-26501" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-03T15:37:55.741Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Veeam Backup \u0026 Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2)." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-17T21:21:40.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://veeam.com" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.veeam.com/kb4288" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-26501", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Veeam Backup \u0026 Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://veeam.com", "refsource": "MISC", "url": "https://veeam.com" }, { "name": "https://www.veeam.com/kb4288", "refsource": "MISC", "url": "https://www.veeam.com/kb4288" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-26501", "datePublished": "2022-03-17T20:28:41.000Z", "dateReserved": "2022-03-06T00:00:00.000Z", "dateUpdated": "2025-02-03T15:37:55.741Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27532
Vulnerability from cvelistv5
Published
2023-03-10 00:00
Modified
2025-01-28 21:28
Summary
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
References
URL | Tags |
---|---|
https://www.veeam.com/kb4424 | |
Impacted products
Vendor | Product | Version |
---|---|---|
n/a | Veeam Backup & Replication | Version: Fixed Versions: v12 (build 12.0.0.1420 P20230223); Version: 11a (build 11.0.1.1261 P20230227) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:16:35.584Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.veeam.com/kb4424" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-27532", "options": [ { "Exploitation": "active" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-28T21:19:54.717692Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2023-08-22", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-27532" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2025-01-28T21:28:51.796Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Veeam Backup \u0026 Replication", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed Versions: v12 (build 12.0.0.1420 P20230223)" }, { "status": "affected", "version": "11a (build 11.0.1.1261 P20230227)" } ] } ], "descriptions": [ { "lang": "en", "value": "Vulnerability in Veeam Backup \u0026 Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-306", "description": "Missing Authentication for Critical Function (CWE-306)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-10T00:00:00.000Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://www.veeam.com/kb4424" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-27532", "datePublished": "2023-03-10T00:00:00.000Z", "dateReserved": "2023-03-02T00:00:00.000Z", "dateUpdated": "2025-01-28T21:28:51.796Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-35971
Vulnerability from cvelistv5
Published
2021-06-30 14:28
Modified
2024-08-04 00:47
Summary
Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting.
References
URL | Tags |
---|---|
https://www.veeam.com/kb4126 | x_refsource_MISC |
https://www.veeam.com/kb4180 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T00:47:43.050Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.veeam.com/kb4126" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.veeam.com/kb4180" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-30T14:28:51", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.veeam.com/kb4126" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.veeam.com/kb4180" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-35971", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.veeam.com/kb4126", "refsource": "MISC", "url": "https://www.veeam.com/kb4126" }, { "name": "https://www.veeam.com/kb4180", "refsource": "MISC", "url": "https://www.veeam.com/kb4180" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-35971", "datePublished": "2021-06-30T14:28:51", "dateReserved": "2021-06-30T00:00:00", "dateUpdated": "2024-08-04T00:47:43.050Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-40711
Vulnerability from cvelistv5
Published
2024-09-07 16:11
Modified
2024-10-29 21:50
Summary
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
References
URL | Tags |
---|---|
https://www.veeam.com/kb4649 | |
Impacted products
Vendor | Product | Version |
---|---|---|
Veeam | Backup and Recovery | Version: 12.1.2 ≤ 12.1.2 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:veeam:backup_\\\u0026_replication:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "backup_\\\u0026_replication", "vendor": "veeam", "versions": [ { "lessThanOrEqual": "12.2.0.334", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-40711", "options": [ { "Exploitation": "active" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-29T21:45:53.497382Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2024-10-17", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-29T21:50:32.442Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "url": "https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Backup and Recovery", "vendor": "Veeam", "versions": [ { "lessThanOrEqual": "12.1.2", "status": "affected", "version": "12.1.2", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE)." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "providerMetadata": { "dateUpdated": "2024-09-07T16:11:22.213Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://www.veeam.com/kb4649" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2024-40711", "datePublished": "2024-09-07T16:11:22.213Z", "dateReserved": "2024-07-09T01:04:07.425Z", "dateUpdated": "2024-10-29T21:50:32.442Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }