Veeam Backup & Replication
by Veeam
CVEs (35)
| CVE | Vendor / Product | Severity | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-21708 | | Critical | 0.64 | 9.9 | 0.01 | | Mar 12, 2026 | A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user. |
| CVE-2026-21669 | | Critical | 0.64 | 9.9 | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. |
| CVE-2026-21671 | | Critical | 0.59 | 9.1 | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. |
| CVE-2026-21672 | | High | 0.57 | 8.8 | 0.00 | | Mar 12, 2026 | A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers. |
| CVE-2026-21668 | | High | 0.57 | 8.8 | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository. |
| CVE-2026-32997 | | High | 0.56 | — | 0.01 | | May 28, 2026 | A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server. |
| CVE-2025-32406 | | High | 0.56 | 8.6 | 0.00 | | Apr 8, 2025 | An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1 before 11.0.2 allows remote attackers fetch and parse the XML response. |
| CVE-2026-21670 | | High | 0.50 | 7.7 | 0.00 | | Mar 12, 2026 | A vulnerability allowing a low-privileged user to extract saved SSH credentials. |
| CVE-2023-27532 | | | 0.25 | — | 0.78 | KEV | Mar 10, 2023 | Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts. |
| CVE-2022-26501 | | | 0.24 | — | 0.04 | KEV | Mar 17, 2022 | Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). |
| CVE-2024-48248 | | | 0.20 | — | 0.94 | KEV | Mar 4, 2025 | NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials). |
| CVE-2022-26500 | | | 0.20 | — | 0.06 | KEV | Mar 17, 2022 | Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code. |
| CVE-2024-29849 | | | 0.04 | — | 0.17 | | May 22, 2024 | Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. |
| CVE-2026-21666 | | | 0.00 | — | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. |
| CVE-2026-21667 | | | 0.00 | — | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. |
| CVE-2025-48983 | | | 0.00 | — | 0.01 | | Oct 30, 2025 | A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user. |
| CVE-2025-48984 | | | 0.00 | — | 0.01 | | Oct 30, 2025 | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user. |
| CVE-2024-45204 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial… |
| CVE-2024-42451 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker's side.… |
| CVE-2024-42453 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially… |