May 23, 2024 at 10:41AM
Veeam addressed a critical vulnerability in its Backup Enterprise Manager, CVE-2024-29849, which could allow unauthorized access to the VBEM web interface. Although attackers could log in as any user, Veeam confirmed that the flaw wouldn’t lead to backups being deleted due to the immutable backups and authorization measures. Customers are urged to apply the updates promptly.
Based on the meeting notes, the key takeaways are:
– Veeam has addressed vulnerabilities in its Backup Enterprise Manager (VBEM) and provided a fix (version 12.1.2.172) for the identified flaws (CVE-2024-29849, CVE-2024-29850, CVE-2024-29851, and CVE-2024-29852).
– Exploiting these vulnerabilities could potentially lead to unauthorized access to the VBEM web interface and other security risks, but Veeam has clarified that the flaw does not allow cybercriminals to delete organization’s backups due to the use of immutable backups and four-eyes authorization.
– Customers are advised to apply the updates quickly, and if VBEM is not in use, then uninstalling it is an option.
– Organizations that cannot immediately upgrade VBEM to version 12.1.2.172 can temporarily halt the software by stopping and disabling VeeamEnterpriseManagerSvc and VeeamRESTSvc.
If there are any other specific details needed or additional points of interest, feel free to let me know!