Veeam Backup and Replication CVE-2023-27532

Jeff Silverman

Issue

Vulnerability CVE-2023-27532 in a Veeam Backup & Replication component allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.

  • Severity – High
  • CVSS v3 score – 7.5

Additional Information

  • The vulnerable process, Veeam.Backup.Service.exe (TCP 9401 by default), allows an unauthenticated user to request encrypted credentials.
  • This vulnerability affects all Veeam Backup & Replication versions.
  • If you use an earlier Veeam Backup & Replication version, please upgrade to a supported version first.
  • If you use an all-in-one Veeam appliance with no remote backup infrastructure components, you can alternatively block external connections to port TCP 9401 in the backup server firewall as a temporary remediation until the patch is installed.
  • The patch must be installed on the Veeam Backup & Replication server. All new deployments of Veeam Backup & Replication versions 12 and 11a installed using the ISO images dated 20230223 (V12) and 20230227 (V11a) or later are not vulnerable.
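The temporary firewall mitigation from the list above, as an added PowerShell example (not Veeam's or Kraft Kennedy's code): it shows what is listening on TCP 9401, adds an inbound block rule only if none exists, and then verifies the rule's scope. It assumes a Windows backup server with the built-in NetSecurity cmdlets and an elevated session; the rule name is a constructed placeholder.

```powershell
# Added example: audit TCP 9401 and, on an all-in-one appliance only, block
# inbound connections to it until the Veeam patch is installed.
# Windows Firewall does not filter loopback traffic, so the local server's own
# components keep working; remote backup infrastructure components would NOT.

$Port     = 9401
$RuleName = 'Block inbound TCP 9401 (CVE-2023-27532 temporary mitigation)'  # constructed name

function Get-Port9401Listener {
    # Lists listeners on TCP 9401 with the owning process, so you can confirm
    # it is Veeam.Backup.Service before changing anything.
    Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalAddress = $_.LocalAddress
                LocalPort    = $_.LocalPort
                ProcessId    = $_.OwningProcess
                ProcessName  = if ($proc) { $proc.ProcessName } else { 'unknown' }
            }
        }
}

function Add-Port9401BlockRule {
    # Idempotent: creates the block rule only when it is not already present.
    if (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue) {
        Write-Host "Rule already present: $RuleName"
        return
    }
    New-NetFirewallRule -DisplayName $RuleName `
        -Description 'Temporary remediation per Veeam KB4424; remove after patching.' `
        -Direction Inbound -Protocol TCP -LocalPort $Port `
        -Action Block -Profile Any -Enabled True | Out-Null
    Write-Host "Created rule: $RuleName"
}

function Test-Port9401BlockRule {
    # Returns $true only if the rule exists, is enabled, and is scoped to TCP 9401.
    $rule = Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue
    if (-not $rule -or "$($rule.Enabled)" -ne 'True') { return $false }
    $filter = $rule | Get-NetFirewallPortFilter
    return ($filter.Protocol -eq 'TCP' -and "$($filter.LocalPort)" -eq "$Port")
}

Get-Port9401Listener | Format-Table -AutoSize
Add-Port9401BlockRule
"Block rule effective: $(Test-Port9401BlockRule)"
```

Remove the rule with `Remove-NetFirewallRule -DisplayName $RuleName` once the patch is applied, since the block also stops legitimate remote components from reaching the service.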

Recommended Action

Customers should update to a version that resolves the vulnerability:

More information

https://www.veeam.com/kb4424

For assistance from the Kraft Kennedy team, please contact us.