CVE-2023-27532CISA KEV: Actively Exploited

Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability

Published Aug 22, 2023·Updated Aug 22, 2023

Description

Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.

Public Exploits & PoCs2 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free