Managed servers with Veeam Distribution Service will be updated automatically after installing the patch. The patch must be installed on the Veeam Backup & Replication server.Patches are available for the following Veeam Backup & Replication versions: A remote attacker may send input to the internal API which may lead to uploading and executing of malicious code. The Veeam Distribution Service (TCP 9380 by default) allows unauthenticated users to access internal API functions. Please contact GDV if you have any questions. Customers still using v9.5u4 must upgrade to v10. Global Data Vault recommends all customers apply the patch for your current version, i.e., if you are on v10, apply the v10a cumulative patch. This issue has a CVSS score of 9.8 and is a critical severity. On March 12, 2022, VeeamĀ® Software released a statement and patches related to CVE-2022-26500 and CVE-2022-26501, which referenced a remote code execution (RCE) vulnerability in all versions of Veeam Backup & Replication.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |