Veeam Backup & Replication vulnerability
Date of Notice: 03/09/2023
Action Level - High
Description
Veeam has disclosed a high severity vulnerability in their Backup & Replication component. If exploited, it could allow an unauthenticated attacker to obtain encrypted credentials and potentially gain access to backup infrastructure hosts.
Affected Versions
- Veeam Backup & Replication 12 - builds prior to 12.0.0.1420 P20230223
- Veeam Backup & Replication 11a and earlier - builds prior to 11.0.1.1261 P20230227
Attack Vector
An attacker with network or local access to the Veeam Backup & Replication server.
Attack Feasibility
There are currently no known exploits for this vulnerability
Mitigation
If you use an all-in-one Veeam appliance with no remote backup components, blocking external access to the appliance on TCP 9401 may temporarily mitigate the exploit.
Remediation
Update to a fixed build.
Vendor Resources
Veeam KB ID 4424 (includes links to fixed build versions)