CVE-2023-27532
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Veeam Backup & Replication | Fixed Versions: v12 (build 12.0.0.1420 P20230223) | affected |
| n/a | Veeam Backup & Replication | 11a (build 11.0.1.1261 P20230227) | affected |
Weaknesses
- CWE-306: Missing Authentication for Critical Function (CWE-306)
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: yes
- Technical Impact: partial
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.