Known Vulnerabilities for products from Veeam
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Veeam".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Veeam can be found at device.report : Veeam
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-21671 | A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in h... | Not Provided | 2026-03-12 | 2026-03-31 |
| CVE-2026-21670 | A vulnerability allowing a low-privileged user to extract saved SSH credentials. | Not Provided | 2026-03-12 | 2026-03-31 |
| CVE-2026-21669 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | Not Provided | 2026-03-12 | 2026-03-31 |
| CVE-2026-21668 | A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repos... | Not Provided | 2026-03-12 | 2026-03-31 |
| CVE-2026-21667 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | Not Provided | 2026-03-12 | 2026-03-31 |
| CVE-2026-21666 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | Not Provided | 2026-03-12 | 2026-03-31 |
| CVE-2021-35971 | Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization du... | 9.8 - CRITICAL | 2021-06-30 | 2021-07-06 |
| CVE-2020-15518 | VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which ... | 8.8 - HIGH | 2020-07-03 | 2021-07-21 |
| CVE-2020-15419 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.75... | 7.5 - HIGH | 2020-07-28 | 2020-08-03 |
| CVE-2020-15418 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.75... | 7.5 - HIGH | 2020-07-28 | 2020-08-03 |
| CVE-2020-10915 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587.... | 9.8 - CRITICAL | 2020-04-22 | 2020-05-04 |
| CVE-2020-10914 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587.... | 9.8 - CRITICAL | 2020-04-22 | 2020-05-04 |
| CVE-2019-14298 | Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDa... | 5.4 - MEDIUM | 2019-07-27 | 2019-07-29 |
| CVE-2019-14297 | Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in Common... | 5.4 - MEDIUM | 2019-07-27 | 2019-07-29 |
| CVE-2019-11569 | Veeam ONE Reporter 9.5.0.3201 allows CSRF. | 8.8 - HIGH | 2019-05-06 | 2019-05-07 |
| CVE-2015-5742 | VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files wit... | 2.1 - LOW | 2015-10-16 | 2018-10-09 |
Known software with vulnerabilities from Veeam
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Veeam | Backup And Replication | 5.0.2.230 |
| Application | Veeam | Backup And Replication Active Directory Restore | 5.0.2.224 |
| Application | Veeam | Backup Catalog | 5.0.2.230 |
| Hardware | Veeam | One | - |
| Operating System | Veeam | One Firmware | - |
| Application | Veeam | One Reporter | 9.5.0.3201 |
| Application | Veeam | Veeam Availability Suite | 10.0 |
| Application | Veeam | Veeam Backup Amp Replication | 10.0 |