Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in Veeam Backup Enterprise Manager
Alerts

Critical Vulnerability in Veeam Backup Enterprise Manager

24 May 2024

Veeam has released security updates to address a critical vulnerability (CVE-2024-29849) affecting Veeam Backup Enterprise Manager (VBEM). The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.

Successful exploitation of the authentication bypass vulnerability could allow an unauthenticated attacker to log in to the VBEM web interface as any user.

The vulnerability affects all versions of VBEM prior to 12.1.2.172.

Users and administrators of affected versions of VBEM are advised to update to the latest version immediately.

More information is available here:

https://www.veeam.com/kb4510

https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-backup-enterprise-manager-auth-bypass-bug

Back to top