A vulnerability has been discovered within a Veeam® Backup & Replication™ component that could allow an unauthenticated user to request encrypted credentials that could lead to them gain access to backup infrastructure hosts. This vulnerability affects all Veeam Backup & Replication versions.
Veeam has a long-standing commitment to ensuring their products protect customers from any potential risk. As part of this, they run a Vulnerability Disclosure Program (VDP) for all their products. A security researcher identified and reported this vulnerability, Veeam then immediately reviewed and confirmed the vulnerability and developed an update that resolves the issue.
What do you need to do?
As an IT3000 support customer you do not need to do anything. Our engineers are currently installing security patches developed by Veeam to mitigate the vulnerability. Once the patch is installed a reboot may be required, if this is the case they will contact you directly either today or tomorrow to arrange this.
If you are not an IT3000 support customer you will need to update your installations immediately. You can access the patches and instructions using the button below.
If you have any questions regarding this vulnerability please contact us.