Risk: Critical
Patch available: Yes
Number of vulnerabilities: 6
CVE-ID: CVE-2024-40712, CVE-2024-40714, CVE-2024-39718, CVE-2024-40710, CVE-2024-40713, CVE-2024-40711
CWE-ID: CWE-22, CWE-295, CWE-20, CWE-285
Exploitation vector: Network
Public exploit: Vulnerability #6 is being exploited in the wild.
Vulnerable software: Backup & Replication (Server applications / Other server solutions)
Vendor: Veeam
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.

EUVDB-ID: #VU96915
Risk: Low
CVSSv4.0: 7.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40712
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an input validation error when processing directory traversal sequences. A local user with access to the system and a low-privileged account within the application can escalate privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Backup & Replication: 11 - 12.1.2.172
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.

EUVDB-ID: #VU96914
Risk: Medium
CVSSv4.0: 0.6 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-40714
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a MitM attack.
The vulnerability exists due to improper certificate validation. A remote attacker on the same network can intercept credentials during restore operations and gain unauthorized access to the application.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Backup & Replication: 11 - 12.1.2.172
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.

EUVDB-ID: #VU96913
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-39718
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
Description
The vulnerability allows a remote user to delete arbitrary files on the system.
The vulnerability exists due to an input validation error when processing directory traversal sequences. A remote authenticated user can send a specially crafted HTTP request and delete arbitrary files on the system with elevated privileges.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Backup & Replication: 11 - 12.1.2.172
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.

EUVDB-ID: #VU96912
Risk: High
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber]
CVE-ID: CVE-2024-40710
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to unspecified vulnerabilities. A remote authenticated user can gain access to sensitive information and compromise the system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Backup & Replication: 11 - 12.1.2.172
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.

EUVDB-ID: #VU96911
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-40713
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
Description
The vulnerability allows a remote user to bypass multi-factor authentication.
The vulnerability exists due to an unspecified error within the Multi-Factor Authentication (MFA) implementation. A remote user can alter MFA settings and bypass MFA.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Backup & Replication: 11 - 12.1.2.172
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.

EUVDB-ID: #VU96908
Risk: Critical
CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]
CVE-ID: CVE-2024-40711
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote non-authenticated attacker can send a specially crafted request to the application and execute arbitrary code on the system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Backup & Replication: 11 - 12.1.2.172
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.