Veeam released the Backup & Replication v12.1.2.172 on May 21, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.1.2.172 build.
Veeam Backup Enterprise Manager (VBEM)
CVE-2024-29849 | Severity: Critical (9.8)
This vulnerability in VBEM allows an unauthenticated attacker to log in to the VBEM web interface as any user.
CVE-2024-29850 | Severity: High (8.8)
This Vulnerability in VBEM allows account takeover via NTLM relay.
CVE-2024-29851 | Severity: High (7.2)
This vulnerability in VBEM allows a high-privileged user to steal the NTLM hash of the VBEM service account if that service account is anything other than the default Local System account.
CVE-2024-29852 | Severity: Low (2.7)
This vulnerability in VBEM allows high-privileged users to read backup session logs.
1.Login to the Veeam Backup Enterprise Manager machine.
2.Sign in to your Veeam account and download the Veeam Backup and Replication v12.1 ISO image.
3.Mount VeeamBackup&Replication_12.1.2.172_20240515.iso file.
4.Run Setup.exe.
5.Click Yes on the User Account Control.
6.On the Veeam Backup & Replication 12.1 page, click Upgrade.
7.Select Upgrade Veeam Backup Enterprise Manager.
8.On the License Agreement page, click I Accept.
9.Click Next on the Upgrade page.
10.There are two options to install the license. To use license file in my case.
11.Select Browse license file on the License page.
12.Select a valid Veeam Backup Enterprise Manager license file and click Open.
13.If you use Evaluation, Free and NFR licenses, select the Update license automatically (enables usage reporting) checkbox.
14. If a valid license is installed on the machine, the setup wizard will inform you. In this case, you can skip the Provide License step, click Next.
15.Click Next on the Service Account page.
16.Click Next on the Database page.
17.Click Yes to ensure that this installation is connected to the selected database..
18.Click Upgrade on the Ready to Upgrade page.
19.Click Finish on the Veeam Backup Enterprise Manager 12.1 Successfully upgraded page.
I hope you enjoy this post.
Cary Sun
X: @SifuSun
Web Site: carysun.com
Blog Site: checkyourlogs.net
Blog Site: gooddealmart.com
Amazon Author: Amazon.com/author/carysun
Author: Cary Sun
Cary Sun has a wealth of knowledge and expertise in data center and deployment solutions. As a Principal Consultant, he likely works closely with clients to help them design, implement, and manage their data center infrastructure and deployment strategies.
With his background in data center solutions, Cary Sun may have experience in server and storage virtualization, network design and optimization, backup and disaster recovery planning, and security and compliance management. He holds CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1999. Cary is also a Microsoft Most Valuable Professional (MVP), Microsoft Azure MVP, Veeam Vanguard and Cisco Champion. He is a published author with several titles, including blogs on Checkyourlogs.net, and the author of many books.
Cary is a very active blogger at checkyourlogs.net and is permanently available online for questions from the community. His passion for technology is contagious, improving everyone around him at what they do.
Blog site: https://www.checkyourlogs.net
Web site: https://carysun.com
Blog site: https://gooddealmart.com
Twitter: @SifuSun
in: https://www.linkedin.com/in/sifusun/
Amazon Author: https://Amazon.com/author/carysun
