Vulnerability in this Veeam Backup & Replication component allows unauthorized users to obtain encrypted credentials stored in the configuration database. The vulnerability may lead to these unauthorized users gaining access to backup infrastructure hosts. The vulnerable process Veeam.Backup.Service.exe (TCP 9401 by default) allows unauthenticated users to request encrypted credentials.
Veeam releases new patches on March 7, which fixed this vulnerability. No Hosts restart is required after installing this patch.
The detailed information is as the link.
KB4245: Release Notes for Veeam Backup & Replication 11a Cumulative Patches
1. Log in to the Veeam server.
2. Download Veeam Backup & Replication 11a cumulative patch P20230227 installation package from above link. (You need to sign in).
3. Open Veeam Backup & Replication console.
4. Verify the existing Veeam Backup &Replication version from Veeam Backup & Replication console (Help |Abut). Please confirm you are running Veeam Backup &Replication build 11.0.1.1261 before installing this cumulative patch P20230227.
5. Ensure all jobs are successful, disable them, and close the console.
6. Exact the VeeamBackup&Replication_11.0.1.1261_20230227.zip file, run VeeamBackup&Replication_11.0.1.1261_20230227.exe.
7. Click Yes on the User Account Control page.
8. On the Welcome to cumulative patch P20230227 for Veeam Backup & Replication 11a Installation Wizard page and click Next.
9. Click Install on the Ready to Install page.
10. Click Finish on the Cumulative Patch P20230227 for Veeam Backup & Replication 11a has been Installed successfully page.
11. Open Veeam Backup & Replication console.
12. Click Connect on the Veeam Backup & Replication 11 page.
13. Select all servers on the Components Update page and click Apply.
14. On the Update page, ensure all components have been upgraded for all servers and click Finish.
15. Verify the Veeam Backup &Replication version from Veeam Backup & Replication console (Help |Abut) and ensure the build version is 11.0.1.1261 P20230227.
16. Right-click all jobs, and unselect Disable to enable all jobs.
I hope you enjoy this post.
Cary Sun
Twitter: @SifuSun
Web Site: carysun.com
Blog Site: checkyourlogs.net
Blog Site: gooddealmart.com