Security News Veeam warns of critical bugs in Veeam ONE monitoring platform


Level 44
Thread author
Top Poster
Nov 10, 2017
Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical.

The company assigned almost maximum severity ratings (9.8 and 9.9/10 CVSS base scores) to the critical security flaws since they let attackers gain remote code execution (RCE) and steal NTLM hashes from vulnerable servers. The remaining two are medium-severity bugs that require user interaction or have limited impact.

"A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database," an advisory published today says about the bug tracked as CVE-2023-38547.

"A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service," the company says when describing the second critical vulnerability (CVE-2023-38548) patched today.

Veeam also fixed a security flaw tracked as CVE-2023-38549 that could let attackers with Power User roles steal the access token of an admin in a Cross-Site Scripting (XSS) attack, which requires user interaction from someone with the Veeam ONE Administrator role.

The rest
  • +Reputation
Reactions: Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.