PULSE
LIVE45signals / 24h
FEED
ransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcare
← All CVEs
CVE Watch

CVE-2023-27532

Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability

CVSS

No CVSS

EPSS

77.6%

p100

KEV

YES

Aug 22, 2023

Exploit Today

80

0-100

Published: · Last modified:

EPSS · 30d
77.6%EPSS · 30 days77.6%
2026-06-302026-07-16
KEV catalog record

Product

Veeam / Backup & Replication

Vulnerability

Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability

Added to KEV

Aug 22, 2023

Remediate by

Sep 12, 2023

Known ransomware use

Yes

Summary description

Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.

Required action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes

https://www.veeam.com/kb4424; https://nvd.nist.gov/vuln/detail/CVE-2023-27532

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2024-40711
99.8%
KEV80Veeam Backup and Replication Deserialization Vulnerability
CVE-2022-26500
92.4%
KEV78Veeam Backup & Replication Remote Code Execution Vulnerability
CVE-2022-26501
90.0%
KEV77Veeam Backup & Replication Remote Code Execution Vulnerability