
Veeam Backup & Replication Vulnerability - 20230327001

Overview

A vulnerability in a Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to an attacker gaining access to the backup infrastructure hosts.

What is the vulnerability?

Vulnerability CVE-2023-27532 in a Veeam Backup & Replication component allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. The vulnerable process is Veeam.Backup.Service.exe (TCP 9401 by default). This may lead to an attacker gaining access to the backup infrastructure hosts.

  • Severity: High
  • CVSS v3 score: 7.5

What is vulnerable?

  • This vulnerability affects all Veeam Backup & Replication versions.
  • The patch must be installed on the Veeam Backup & Replication server.
  • All new deployments of Veeam Backup & Replication versions 12 and 11a installed using the ISO images dated 20230223 (V12) and 20230227 (V11a) or later are not vulnerable.

Recommendation

This vulnerability is resolved in the following Veeam Backup & Replication build numbers:

  • 12 (build 12.0.0.1420 P20230223)

  • 11a (build 11.0.1.1261 P20230227)
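
The following Python helper is an added example, not part of the advisory or any Veeam tooling. It compares build strings gathered from an inventory against the two fixed builds listed above. The host names and inventory are constructed, and treating builds newer than the listed ones as fixed is an assumption.

```python
import re

# Fixed builds as listed in the advisory: branch -> (version, patch date).
FIXED = {
    12: ((12, 0, 0, 1420), 20230223),
    11: ((11, 0, 1, 1261), 20230227),
}
BUILD_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)\.(\d+)(?:\s+P(\d{8}))?\s*$")


def parse_build(text):
    """Parse e.g. '12.0.0.1420 P20230223' into ((12, 0, 0, 1420), 20230223)."""
    m = BUILD_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised build string: {text!r}")
    version = tuple(int(g) for g in m.groups()[:4])
    patch = int(m.group(5)) if m.group(5) else 0  # no P-suffix: no patch applied
    return version, patch


def assess(text):
    """Return 'fixed', 'vulnerable' or 'vulnerable-upgrade' for a build string."""
    version, patch = parse_build(text)
    major = version[0]
    if major > max(FIXED):
        return "fixed"  # assumption: branches after 12 ship with the fix
    if major not in FIXED:
        return "vulnerable-upgrade"  # advisory lists no fixed build for this branch
    # Same version needs the patch date; a newer version (assumed fixed) wins outright.
    return "fixed" if (version, patch) >= FIXED[major] else "vulnerable"


def report(inventory):
    """Map each host to its assessment."""
    return {host: assess(build) for host, build in inventory.items()}


# Constructed inventory for illustration; host names are made up.
INVENTORY = {
    "vbr-01": "12.0.0.1420",            # V12 without the patch suffix
    "vbr-02": "12.0.0.1420 P20230223",  # fixed V12 build from the advisory
    "vbr-03": "11.0.1.1261 P20230227",  # fixed V11a build from the advisory
    "vbr-04": "10.0.1.4854",            # constructed older-branch build
}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

The same version number can be either vulnerable or fixed depending on the `P` date suffix, so an inventory that records only the four-part version is not enough to confirm patch status.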

Reference