CVE-2022-26500 - Veeam Backup & Replication Remote Code Execution Vulnerability
CVE-2022-26500
Veeam | Backup & Replication
- Date Added:
- 2022-12-13
- Due Date:
- 2023-01-03
- Vulnerability Name
Veeam Backup & Replication Remote Code Execution Vulnerability
- Description
The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.
- Known To Be Used in Ransomware Campaigns?
Known
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://www.veeam.com/kb4288; https://nvd.nist.gov/vuln/detail/CVE-2022-26500
Free security scan for your website