PULSE
EN VIVO45señales / 24h
FEED
ransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcare
← Todos los CVEs
CVE Watch

CVE-2023-27532

Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability

CVSS

Sin CVSS

EPSS

77.6%

p100

KEV

22 ago 2023

Exploit Today

80

0-100

Publicado: · Última mod.:

EPSS · 30d
77.6%EPSS · 30 días77.6%
2026-06-302026-07-16
Ficha del catálogo KEV

Producto

Veeam / Backup & Replication

Vulnerabilidad

Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability

Añadido a KEV

22 ago 2023

Remediar antes de

12 sept 2023

Uso conocido en ransomware

Descripción resumida

Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.

Acción requerida

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notas

https://www.veeam.com/kb4424; https://nvd.nist.gov/vuln/detail/CVE-2023-27532

CVEs relacionados
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2024-40711
99.8%
KEV80Veeam Backup and Replication Deserialization Vulnerability
CVE-2022-26500
92.4%
KEV78Veeam Backup & Replication Remote Code Execution Vulnerability
CVE-2022-26501
90.0%
KEV77Veeam Backup & Replication Remote Code Execution Vulnerability