QID 378062

Date Published: 2023-03-13

QID 378062: Veeam Backup and Replication Access Control Vulnerability (kb4424)

Veeam Backup and Replication is a proprietary backup application developed by Veeam for virtual environments built on the VMware vSphere, Nutanix AHV, and Microsoft Hyper-V hypervisors.

Affected Version:
Veeam Backup and Replication versions prior to 11a and 12

QID Detection Logic (Authenticated):
This QID checks the version of the file veeam.backup.core.dll at the installed locations "%ProgramFiles%\Veeam\Backup and Replication\Console" or "%ProgramFiles(x86)%\Veeam\Backup and Replication\Console".

The vulnerable process, Veeam.Backup.Service.exe (listening on TCP 9401 by default), allows an unauthenticated user to request encrypted credentials.
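The following PowerShell script is an added example, not part of the Qualys QID record or of Veeam's software. It reproduces the authenticated detection logic described above on a Windows host: it locates veeam.backup.core.dll under the two Console directories named in the QID, reads its file version, and reports whether TCP 9401 (the default port of the affected service) is currently listening so the finding can be prioritised. The fixed build number is not stated on this page, so the $MinimumFixedVersion threshold is a labelled placeholder that must be filled in from Veeam kb4424 before the result is treated as authoritative.

```powershell
# Added example (not from the QID record or from Veeam).
# Assumptions: DLL location and default port come from the QID text above;
# the fixed build number does NOT appear on this page, so the threshold below
# is a PLACEHOLDER to be replaced with the fixed build listed in kb4424.
$MinimumFixedVersion = [version]'0.0.0.0'   # PLACEHOLDER: take the real value from kb4424

$relativeDll = 'Veeam\Backup and Replication\Console\veeam.backup.core.dll'

# Only use Program Files roots that exist on this host (ProgramFiles(x86) is absent on 32-bit Windows).
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
$candidatePaths = $roots | ForEach-Object { Join-Path -Path $_ -ChildPath $relativeDll }

$found = @($candidatePaths | Where-Object { Test-Path -LiteralPath $_ })
if ($found.Count -eq 0) {
    Write-Output 'veeam.backup.core.dll not found in either Console directory; Veeam B&R console is not installed here.'
    return
}

foreach ($dll in $found) {
    # Build a [version] from the numeric parts so trailing text in FileVersion cannot break parsing.
    $vi = (Get-Item -LiteralPath $dll).VersionInfo
    $fileVersion = [version]::new($vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)

    $status = if ($fileVersion -lt $MinimumFixedVersion) {
        'VULNERABLE (below the fixed version from kb4424)'
    } else {
        'not flagged by this check'
    }
    Write-Output ("{0}`n  FileVersion: {1}`n  Status: {2}" -f $dll, $fileVersion, $status)
}

# Exposure context from the advisory: the affected process listens on TCP 9401 by default.
# Report whether that port is listening and which process owns it.
$listener = @(Get-NetTCPConnection -LocalPort 9401 -State Listen -ErrorAction SilentlyContinue)
if ($listener.Count -gt 0) {
    $owner = Get-Process -Id $listener[0].OwningProcess -ErrorAction SilentlyContinue
    Write-Output ("TCP 9401 is listening (owning process: {0})." -f $owner.ProcessName)
} else {
    Write-Output 'TCP 9401 is not listening on this host.'
}
```

Run the script in an elevated PowerShell session on the backup server or on any host with the Veeam console installed; Get-NetTCPConnection requires Windows 8 / Server 2012 or later. Until the placeholder threshold is replaced with the build number from kb4424, the version comparison reports every installation as vulnerable, which is the safe default for a detection script.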

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Critical - 10 severity.

Solution:
For affected Veeam Backup and Replication versions, upgrade to the supported product version listed in kb4424.

Vendor References:

CVEs related to QID 378062

Software Advisories:
Advisory ID    Software Component    Link
kb4424                               www.veeam.com/kb4424