A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords)
A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user.
A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication.
A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre-
A vulnerability allowing remote code execution (RCE) for domain users.
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be
This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious
backup configuration file.
This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a
malicious password parameter.
A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimat
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authentication (MFA) settings and bypass MFA.
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.
This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. T
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted
This vulnerability in Veeam Service Provider Console allows for remote code execution.
A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed.
An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.
An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account.
Page 1+ Next →