QID 376479

Date Published: 2022-03-21

QID 376479: Veeam Backup and Replication Remote Code Execution (RCE) Vulnerability

Veeam Backup and Replication is a proprietary backup application developed by Veeam for virtual environments built on VMware vSphere, Nutanix AHV, and Microsoft Hyper-V hypervisors.

Affected Versions:
Veeam Backup and Replication versions 9.5U3, 9.5U4, 10.x, and 11.x

QID Detection Logic (Authenticated):
This QID checks for vulnerable versions of Veeam Backup and Replication installed on the scanned host. It is a version check, not a remote probe of the service.

The Veeam Distribution Service (TCP 9380 by default) allows unauthenticated users to access internal API functions. A remote, unauthenticated attacker can send crafted input to these internal API functions, which can lead to uploading and executing malicious code on the backup server.
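The following is an added example written for this page, not Qualys' detection code or any Veeam tooling. It mirrors the authenticated detection logic above (classify an installed build as affected, patched, or requiring an upgrade) and adds a simple reachability probe for the Distribution Service port, which is the unauthenticated attack surface named in the advisory. The minimum fixed build numbers in MIN_FIXED_BUILD are assumed placeholders, since the page only says that patches exist for 10a and 11a; confirm them against kb4288 before relying on the result.

```python
"""Added example: version-based check for QID 376479 plus a network
exposure probe for the Veeam Distribution Service.

Illustrative code for this page, not Qualys' detection or Veeam's tooling.
The minimum fixed build numbers below are ASSUMED placeholders; confirm
them against Veeam KB4288 before relying on them.
"""
import re
import socket
from typing import Optional, Tuple

Version = Tuple[int, ...]

# ASSUMPTION: first build per major branch that carries the kb4288 fix.
# The page only says "patches for 10a and 11a"; replace these with the
# build numbers listed in KB4288 for your environment.
MIN_FIXED_BUILD = {
    10: (10, 0, 1, 4854),
    11: (11, 0, 1, 1261),
}

DISTRIBUTION_SERVICE_PORT = 9380  # default port per the advisory text


def parse_version(text: str) -> Version:
    """Turn a dotted build string such as '11.0.0.837' into a tuple of ints.

    Tuples compare element-wise, so a shorter string like '10.0.1' sorts
    before '10.0.1.4854', which is the conservative (vulnerable) outcome.
    """
    m = re.fullmatch(r"\s*(\d+(?:\.\d+)+)\s*", text)
    if not m:
        raise ValueError(f"not a dotted version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def assess(version_text: str) -> str:
    """Classify an installed Veeam B&R build according to QID 376479.

    Returns one of:
      'upgrade_required' - 9.5.x: affected and no patch, must upgrade
      'vulnerable'       - 10.x/11.x below the assumed fixed build
      'patched'          - 10.x/11.x at or above the assumed fixed build
      'not_listed'       - branch not named in the advisory (check kb4288)
    """
    v = parse_version(version_text)
    major = v[0]
    if major == 9:
        # 9.5U3 and 9.5U4 are affected; the vendor offers no patch for 9.5.
        return "upgrade_required" if len(v) > 1 and v[1] == 5 else "not_listed"
    if major in MIN_FIXED_BUILD:
        return "patched" if v >= MIN_FIXED_BUILD[major] else "vulnerable"
    return "not_listed"


def distribution_service_reachable(
    host: str, port: int = DISTRIBUTION_SERVICE_PORT, timeout: float = 2.0
) -> Optional[bool]:
    """Return True if a TCP connect to the Distribution Service succeeds.

    This only tells you the port is reachable from where you run it (an
    exposure check for the unauthenticated attack surface); it does not
    fingerprint the service or confirm the vulnerability. Returns None on
    a DNS failure so a typo is not mistaken for a closed port.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except socket.gaierror:
        return None
    except OSError:
        return False


if __name__ == "__main__":
    # Constructed sample inventory of (hostname, reported build) pairs.
    inventory = [
        ("vbr-old", "9.5.4.2866"),
        ("vbr-10", "10.0.0.4461"),
        ("vbr-11", "11.0.0.837"),
        ("vbr-11a", "11.0.1.1261"),
    ]
    for host, build in inventory:
        print(f"{host:8} {build:14} {assess(build)}")
```

Because the QID is authenticated, the version check is what a scanner can actually decide; the port probe is a separate exposure question (is TCP 9380 reachable from networks that should not have it) and is worth running from an untrusted segment while patching is pending.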

  • CVSS v3 base score: 9.8 (Critical).
  • CVSS v2 base score: 10.0 (Critical).
  • Solution
    Customers are advised to install the patches for Veeam Backup and Replication 10a and 11a as per the vendor advisory kb4288.
    For Veeam Backup and Replication version 9.5, patches are not provided; upgrade to a supported product version as described in kb4288.
    Vendor References

    CVEs related to QID 376479

    Software Advisories
    Advisory ID   Software Component   Link
    kb4288                             www.veeam.com/kb4288