Veeam released the Backup & Replication v12.1.2.172 on May 21, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.1.2.172 build.
Veeam Backup Enterprise Manager (VBEM)
CVE-2024-29849 | Severity: Critical (9.8)
This vulnerability in VBEM allows an unauthenticated attacker to log in to the VBEM web interface as any user.
CVE-2024-29850 | Severity: High (8.8)
This Vulnerability in VBEM allows account takeover via NTLM relay.
CVE-2024-29851 | Severity: High (7.2)
This vulnerability in VBEM allows a high-privileged user to steal the NTLM hash of the VBEM service account if it is not the default Local System account.
CVE-2024-29852 | Severity: Low (2.7)
This vulnerability in VBEM allows high-privileged users to read backup session logs.
Veeam Agent for Windows (VAW)
CVE-2024-29853 | Severity: High (7.8)
This vulnerability in VAW allows for Local Privilege Escalation.
The details are as link https://www.veeam.com/kb4510
1.Login to the Veeam Backup and Replication Management Server.
2.Sign in your Veeam account and download the Veeam Backup and Replication v12.1 ISO image.
3.Open the Veeam Backup & Replication 12 Console and click Connect.
4.Enter the MFA Confirmation code and click Confirm.
5.Verify the existing Veeam Backup & Replication version from the Veeam Backup & Replication console (Help |Abut) and ensure that the version matches the installation requirements.
6.Ensure all jobs are successful, right-click all jobs and select disable.
7.Mount Veeam Backup and Replication v12.1 iso image file and run Setup.exe.
8.Run Setup.exe.
9.On the User Account Control page, click Yes.
10.On the Veeam Backup & Replication 12.1 page, click Upgrade.
11.On the Veeam Backup & Replication page, select Upgrade Veeam Backup & Replication.
12.On the License Agreement page, click I Accept.
13.On the Upgrade page, click Next.
14. The setup wizard will inform you if a valid license is installed on the machine. In this case, you can skip the Provide License step and click Next.
15.On the Service Account page, click Next.
16.On the Database page, click Next.
17.Click Yes to ensure that this installation is connected to the selected database.
18.Click Upgrade on the Ready to Upgrade page.
19.There are 6 steps for upgrading the Veeam Backup & Replication management server.
20.Ensure the upgrade is successful and click finish.
21.Open the Veeam Backup & Replication 12 Console and click Connect.
22.Enter the MFA Confirmation code and click Confirm.
23. Select all servers on the Components Update page and click Apply.
24.On the Components Update page, ensure all components are updated successfully for all servers and click Finish.
25.Verify the Veeam Backup & Replication version from the Veeam Backup & Replication console (Help |Abut).
26.Ensure that the version is 12.1.2.172.
27.Re-enable all jobs.
I hope you enjoy this post.
Cary Sun
X: @SifuSun
Web Site: carysun.com
Blog Site: checkyourlogs.net
Blog Site: gooddealmart.com
Amazon Author: Amazon.com/author/carysun