COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Backup & Replication product

4
failure events
0
zero-days
3
RCEs
4
on KEV
4
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 4 events

DateEventSevFlagsShameSummary
2024-10-17 CVE-2024-40711 critical ⚡RCE ⌖KEV 95 Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution.
2022-12-13 CVE-2022-26501 critical ⚡RCE ⌖KEV 95 The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.
2022-12-13 CVE-2022-26500 critical ⚡RCE ⌖KEV 95 The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.
2023-08-22 CVE-2023-27532 critical ⌖KEV 80 Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration da