- This vulnerability affects all Veeam Backup & Replication versions.
- If you use an earlier Veeam Backup & Replication version, please upgrade to a supported version first.
- If you use an all-in-one Veeam appliance with no remote backup infrastructure components, you can alternatively block external connections to port TCP 9401 in the backup server firewall as a temporary remediation until the patch is installed.
- The patch must be installed on the Veeam Backup & Replication server. All new deployments of Veeam Backup & Replication versions 12 and 11a installed using the ISO images dated 20230223 (V12) and 20230227 (V11a) or later are not vulnerable.
Before Patch:
After Patch:
You will see the patch number "P20230227" on the Build number
Reference:
KB4424: CVE-2023-27532 (veeam.com)
No comments:
Post a Comment