Vulnerability in this Veeam Backup & Replication component allows unauthorized users to obtain encrypted credentials stored in the configuration database. The vulnerability may lead to these unauthorized users gaining access to backup infrastructure hosts. The vulnerable process Veeam.Backup.Service.exe (TCP 9401 by default) allows unauthenticated users to request encrypted credentials.
Veeam released new patches on March 7, which fixed this vulnerability. No Hosts restart is required after installing this patch.
The detailed information is as the link.
KB4245: Release Notes for Veeam Backup & Replication 11a Cumulative Patches
1. Log in to the Veeam server.
2. Download Veeam Backup & Replication 11a cumulative patch P20230227 installation package from above link. (You need to sign in).
3. Open Veeam Backup & Replication console.
4. Verify the existing Veeam Backup &Replication version from Veeam Backup & Replication console (Help |Abut). Please confirm you are running Veeam Backup &Replication build 11.0.1.1261 before installing this cumulative patch P20230227.
5. Ensure all jobs are successful, disable them, and close the console.
6. Exact the VeeamBackup&Replication_11.0.1.1261_20230227.zip file, run VeeamBackup&Replication_11.0.1.1261_20230227.exe.
7. Click Yes on the User Account Control page.
8. On the Welcome to cumulative patch P20230227 for Veeam Backup & Replication 11a Installation Wizard page and click Next.
9. Click Install on the Ready to Install page.
10. Click Finish on the Cumulative Patch P20230227 for Veeam Backup & Replication 11a has been Installed successfully page.
11. Open Veeam Backup & Replication console.
12. Click Connect on the Veeam Backup & Replication 11 page.
13. Select all servers on the Components Update page and click Apply.
14. On the Update page, ensure all components have been upgraded for all servers and click Finish.
15. Verify the Veeam Backup &Replication version from Veeam Backup & Replication console (Help |Abut) and ensure the build version is 11.0.1.1261 P20230227.
16. Right-click all jobs, and unselect Disable to enable all jobs.
I hope you enjoy this post.
Cary Sun
Twitter: @SifuSun
Web Site: carysun.com
Blog Site: checkyourlogs.net
Blog Site: gooddealmart.com
Author: Cary Sun
Cary Sun has a wealth of knowledge and expertise in data center and deployment solutions. As a Principal Consultant, he likely works closely with clients to help them design, implement, and manage their data center infrastructure and deployment strategies.
With his background in data center solutions, Cary Sun may have experience in server and storage virtualization, network design and optimization, backup and disaster recovery planning, and security and compliance management. He holds CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1999. Cary is also a Microsoft Most Valuable Professional (MVP), Microsoft Azure MVP, Veeam Vanguard and Cisco Champion. He is a published author with several titles, including blogs on Checkyourlogs.net, and the author of many books.
Cary is a very active blogger at checkyourlogs.net and is permanently available online for questions from the community. His passion for technology is contagious, improving everyone around him at what they do.
Blog site: https://www.checkyourlogs.net
Web site: https://carysun.com
Blog site: https://gooddealmart.com
Twitter: @SifuSun
in: https://www.linkedin.com/in/sifusun/
Amazon Author: https://Amazon.com/author/carysun
