Veeam Enterprise Backup Manager Flaw Allows Unauthorized Access
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Veeam Backup And Replication is backup software for creating secure backups that enable clean recovery and data resilience.
The software replicates VM backups to a secondary location, which will quickly recover from a failover to a replica VM during a potential disaster on the primary site.
Veeam has released a new security release information and advisory for Veeam Backup and Replication 12.1.2.172, which fixes multiple vulnerabilities and makes some improvements.
The critical vulnerabilities addressed were CVE-2024-29849, CVE-2024-29850, CVE-2024-29851, CVE-2024-29852, and CVE-2024-29853.
According to the advisory, CVE-2024-29849 has the highest severity associated with Unauthenticated and unauthorized access to Veeam Backup Enterprise Manager.
An unauthenticated threat actor can exploit this vulnerability and log in to the Veeam Enterprise Manager web interface under the context of any user.
The severity for this vulnerability was given as 9.8 (Critical). However, this vulnerability has been addressed on the 12.1 updates for Veeam Backup & Replication 12.1.2.172 version.
CVE-2024-29850 and CVE-2024-29851 were two high severity vulnerabilities addressed by Veeam on this release which were associated with Account takeover via NTLM relay and stealing of NTLM hash of a service account.
The severity for these vulnerabilities were 8.8 (High) and 7.2 (High).Another High severity vulnerability that was addressed on Veeam Agent for Windows (VAW) was CVE-2024-29853 which was associated with Local Privilege Escalation. The severity for this vulnerability was 7.8 (High).
Mitigation Steps
If users of Veeam are not able to upgrade their Veeam Backup Enterprise Manager to 12.1.2.172 immediately, they can follow the below steps as a workaround.
However, it is advised not to stop the Veeam Backup Server RESTful API Service
Enhancements And Improvements
Apart from these bug fixes, there were several features and enhancements on the platform on multiple sections such as
These were multiple issues resolved in
Users of Veeam Backup & Replication are recommended to upgrade to the latest version 12.1.2.172 for improving and enhancing the features and fixing these vulnerabilities from getting exploited by threat actors.
#Cyber_Security_News #Security_Updates #Vulnerability #Backup_Software #Critical_Vulnerabilities #Veeam_Security_Update
Оригинальная версия на сайте:
Veeam Enterprise Backup Manager Flaw Allows Unauthorized Access
Author: Raga VarshiniVeeam Backup And Replication is backup software for creating secure backups that enable clean recovery and data resilience.
The software replicates VM backups to a secondary location, which will quickly recover from a failover to a replica VM during a potential disaster on the primary site.
Veeam has released a new security release information and advisory for Veeam Backup and Replication 12.1.2.172, which fixes multiple vulnerabilities and makes some improvements.
The critical vulnerabilities addressed were CVE-2024-29849, CVE-2024-29850, CVE-2024-29851, CVE-2024-29852, and CVE-2024-29853.
According to the advisory, CVE-2024-29849 has the highest severity associated with Unauthenticated and unauthorized access to Veeam Backup Enterprise Manager.
An unauthenticated threat actor can exploit this vulnerability and log in to the Veeam Enterprise Manager web interface under the context of any user.
The severity for this vulnerability was given as 9.8 (Critical). However, this vulnerability has been addressed on the 12.1 updates for Veeam Backup & Replication 12.1.2.172 version.
CVE-2024-29850 and CVE-2024-29851 were two high severity vulnerabilities addressed by Veeam on this release which were associated with Account takeover via NTLM relay and stealing of NTLM hash of a service account.
The severity for these vulnerabilities were 8.8 (High) and 7.2 (High).Another High severity vulnerability that was addressed on Veeam Agent for Windows (VAW) was CVE-2024-29853 which was associated with Local Privilege Escalation. The severity for this vulnerability was 7.8 (High).
Mitigation Steps
If users of Veeam are not able to upgrade their Veeam Backup Enterprise Manager to 12.1.2.172 immediately, they can follow the below steps as a workaround.
- It is advised to disable the following services.
- VeeamEnterpriseManagerSvc (Veeam Backup Enterprise Manager)
- VeeamRESTSvc (Veeam RESTful API Service)
However, it is advised not to stop the Veeam Backup Server RESTful API Service
- If the Veeam Backup Enterprise Manager software is installed on a dedicated server, it can be upgraded to version 12.1.2.172 without immediately upgrading the Veeam Backup & Replication.
- Additionally, if the Veeam Backup Enterprise Manager is not in use, it can be uninstalled.
Enhancements And Improvements
Apart from these bug fixes, there were several features and enhancements on the platform on multiple sections such as
- Platform Support
- General
- Malware Detection
- Enterprise Applications
- Object Storage
- Primary Storage
- Secondary Storage
- Security & Compliance Analyzer
- Veeam Agents.
These were multiple issues resolved in
- VMware vSphere
- Microsoft Hyper-V
- General
- Agent Management
- Unstructured Data Backup
- Backup copy
- SureBackup
- Tape
- Veeam Cloud Connect
- Self-Service Backup Portal
- Scale-out Backup Repository
- Object storage and
- Primary storage.
Users of Veeam Backup & Replication are recommended to upgrade to the latest version 12.1.2.172 for improving and enhancing the features and fixing these vulnerabilities from getting exploited by threat actors.
#Cyber_Security_News #Security_Updates #Vulnerability #Backup_Software #Critical_Vulnerabilities #Veeam_Security_Update
Оригинальная версия на сайте:
