Veeam Enterprise Backup Manager Flaw Allows Unauthorized Access
Veeam Backup & Replication is a backup tool for creating reliable backups that enable fast recovery and data resilience.
The tool replicates VM backups to a secondary host, so that operations can quickly recover from a failure at the primary site by failing over to a replica VM during a disaster.
Veeam has released a new security release note and advisory for Veeam Backup & Replication 12.1.2.172, which fixes several vulnerabilities and includes a number of improvements.
The most serious vulnerabilities addressed were CVE-2024-29849, CVE-2024-29850, CVE-2024-29851, CVE-2024-29852, and CVE-2024-29853.
According to the advisory, CVE-2024-29849 has the highest severity and relates to unauthenticated and unauthorized access to Veeam Backup Enterprise Manager.
An unauthenticated threat actor can exploit this vulnerability to log in to the Veeam Backup Enterprise Manager web interface as any user.
The severity of this vulnerability was rated 9.8 (Critical). This vulnerability has been addressed in the 12.1 updates for Veeam Backup & Replication, version 12.1.2.172.
CVE-2024-29850 and CVE-2024-29851 were two high-severity vulnerabilities addressed by Veeam in this release, relating to account takeover via NTLM relay and theft of the NTLM hash of a service account.
The severity of these vulnerabilities was 8.8 (High) and 7.2 (High) respectively. Another high-severity vulnerability, addressed in Veeam Agent for Windows (VAW), was CVE-2024-29853, a local privilege escalation. Its severity was 7.8 (High).
Mitigation Steps
If Veeam users are unable to upgrade their Veeam Backup Enterprise Manager to 12.1.2.172 immediately, they can apply the following steps as a workaround.
- It is recommended to disable the following services:
- VeeamEnterpriseManagerSvc (Veeam Backup Enterprise Manager)
- VeeamRESTSvc (Veeam RESTful API Service)
However, it is advised not to stop the Veeam Backup Server RESTful API Service.
- If the Veeam Backup Enterprise Manager tool is installed on a dedicated server, it can be upgraded to version 12.1.2.172 without immediately upgrading Veeam Backup & Replication.
- Additionally, if Veeam Backup Enterprise Manager is not in use, it can be uninstalled.
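The following PowerShell script is an added example, not code from the article or from Veeam. It reports the state of the two services the workaround names and, only when run with the -Disable switch, stops them and sets their startup type to Disabled so they do not return after a reboot. The service names are the ones given in the advisory above; the script deliberately touches nothing else, so the Veeam Backup Server RESTful API Service (which the advisory says should keep running) is left alone. It assumes an elevated PowerShell session on the Veeam Backup Enterprise Manager host.

```powershell
# Added example (not from the article or from Veeam): report, and optionally disable,
# the two Windows services named in the advisory's workaround. Run elevated on the
# Veeam Backup Enterprise Manager host. Without -Disable the script only reports.
param(
    [switch]$Disable
)

# Service names are taken from the advisory; nothing else on the host is modified.
$WorkaroundServices = @(
    'VeeamEnterpriseManagerSvc',  # Veeam Backup Enterprise Manager
    'VeeamRESTSvc'                # Veeam RESTful API Service
)

foreach ($name in $WorkaroundServices) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if (-not $svc) {
        Write-Output "$name : not installed on this host"
        continue
    }

    # StartMode (Auto/Manual/Disabled) comes from WMI; Get-Service alone does not expose it
    $startMode = (Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'").StartMode
    Write-Output "$name : Status=$($svc.Status) StartMode=$startMode"

    if ($Disable) {
        # Stop the running service, then prevent it from starting again at boot
        if ($svc.Status -ne 'Stopped') {
            Stop-Service -Name $name -Force
        }
        Set-Service -Name $name -StartupType Disabled

        # Re-read the state so the output reflects what actually happened
        $after = Get-Service -Name $name
        $afterMode = (Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'").StartMode
        Write-Output "$name : now Status=$($after.Status) StartMode=$afterMode"
    }
}
```

Run the script once without arguments to record the current state (useful evidence that the workaround is, or is not, in place across a fleet), and again with -Disable to apply it. Because the startup type is set to Disabled rather than merely stopping the service, the workaround survives a reboot; reverse it with Set-Service -StartupType Automatic once the host has been upgraded to 12.1.2.172.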
Fixes And Enhancements
Besides these bug fixes, there were several new features and enhancements across several areas of the platform, such as
- Platform Support
- General
- Malware Detection
- Enterprise Applications
- Object Storage
- Primary Storage
- Secondary Storage
- Security & Compliance Analyzer
- Veeam Agents.
There were also several issues resolved in
- VMware vSphere
- Microsoft Hyper-V
- General
- Agent Management
- Unstructured Data Backup
- Backup Copy
- SureBackup
- Tape
- Veeam Cloud Connect
- Self-Service Backup Portal
- Scale-out Backup Repository
- Object storage and
- Primary storage.
Users of Veeam Backup & Replication are urged to upgrade to the latest version, 12.1.2.172, to benefit from these improvements and to prevent these vulnerabilities from being exploited by threat actors.
Source credit : cybersecuritynews.com