{"id":34924,"date":"2024-09-06T02:02:42","date_gmt":"2024-09-06T00:02:42","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=34924"},"modified":"2024-09-06T08:13:18","modified_gmt":"2024-09-06T06:13:18","slug":"veeam-warns-of-critical-rce-vulnerability-cve-2024-4071-in-backup-replication","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2024\/09\/06\/veeam-warns-of-critical-rce-vulnerability-cve-2024-4071-in-backup-replication\/","title":{"rendered":"Veeam warns of critical RCE vulnerability CVE-2024-4071 in Backup & Replication"},"content":{"rendered":"

\"Sicherheit[German<\/a>]Veeam warns of a critical RCE vulnerability in Backup & Replication. Blog reader j. pointed out the vulnerability yesterday in the discussion area (thanks for that) – but I had already heard about it elsewhere. The vulnerability CVE-2024-4071 was classified with a CVSS index of 9.8, so it should be fixed as soon as possible. Veeam has therefore published corresponding updates to its Backup & Replication software to close these vulnerabilities. But there are other vulnerabilities in various products. Here is a brief overview of this topic.<\/p>\n

<\/p>\n

Vulnerabilities in several products<\/h2>\n

\"\"Veeam published Security Bulletin kb4649<\/a> on September 4, 2024 and modified it again on September 5. This document discloses a whole series of vulnerabilities in various products. Subsequent products should be updated promptly.<\/p>\n

Veeam Backup & Replication
\nVeeam ONE
\nVeeam Service Provider Console
\nVeeam Agent for Linux<\/i>
\nVeeam Backup for Nutanix AHV<\/i>
\nVeeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization<\/i><\/p>\n

RCE vulnerability CVE-2024-4071 and more<\/h2>\n

The following vulnerabilities affect Veeam Backup & Replication 12.1.2.172 and earlier builds of version 12<\/a> as well as older versions. Here is a brief overview:<\/p>\n