How to Install Veeam Backup & Replication 11a Cumulative Patches P20230227
Vulnerability in this Veeam Backup & Replication component allows unauthorized users to obtain encrypted credentials stored in the configuration database. The vulnerability may lead to these unauthorized users gaining access to backup infrastructure hosts. The vulnerable process Veeam.Backup.Service.exe (TCP 9401 by default) allows unauthenticated users to request encrypted credentials.
Veeam releases new patches on March 7, which fixed this vulnerability. No Hosts restart is required after installing this patch.