Operational Defect Database

BugZero found this defect 162 days ago.

Veeam | kb4508

CVE-2023-38547 | CVE-2023-38548 | CVE-2023-38549 | CVE-2023-41723

Last update date:

1/10/2024

Affected products:

Veeam ONE

Veeam Recovery Orchestrator

Affected releases:

12

Fixed releases:

No fixed releases provided.

Description:

Issue Details

CVE-2023-38547 A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database. Affected Version(s)*: Veeam ONE 11, 11a, 12 Severity: Critical CVSS v3.1: 9.9   CVE-2023-38548 A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. Affected Version(s)*: Veeam ONE 12 Severity: Critical CVSS v3.1 score:  9.8   CVE-2023-38549 A vulnerability in Veeam ONE allows a user with the Veeam ONE Power User role to obtain the access token of a user with the Veeam ONE Administrator role through the use of XSS. Note: The criticality of this vulnerability is reduced as it requires interaction by a user with the Veeam ONE Administrator role. Affected Version(s)*: Veeam ONE 11, 11a, 12 Severity: Medium CVSS v3.1 score: 4.5   CVE-2023-41723 A vulnerability in Veeam ONE allows a user with the Veeam ONE Read-Only User role to view the Dashboard Schedule. Note: The criticality of this vulnerability is reduced because the user with the Read-Only role is only able to view the schedule and cannot make changes. Affected Version(s)*: Veeam ONE 11, 11a, 12 Severity: Medium CVSS v3.1 score: 4.3   *Vulnerability testing was only performed using actively supported versions of Veeam ONE.

Solution

A hotfix to resolve these vulnerabilities is available for the following versions: Veeam ONE 12 P20230314 (12.0.1.2591) Veeam ONE 11a (11.0.1.1880) Veeam ONE 11 (11.0.0.1379)

Download Information

Check Veeam ONE Build Number Before downloading the hotfix, check which version of Veeam ONE is installed using one of the methods below: Check under Help > About in the Veeam ONE Client. Check within Apps and Features or Programs and Features (Appwiz.cpl). Run the following command on the Veeam ONE server:

Deployment Information

Verify the version of Veeam ONE installed using one of the methods below: Check under Help > About in the Veeam ONE Client. Check within Apps and Features or Progams and Features (Appwiz.cpl). Run the following command on the Veeam ONE server:

Deployment Validation

As this is a hotfix, the build number of the software will not change. As such, validating the hotfix has been deployed requires checking the hash value of the files present and comparing them to the known hash values of the files included in the hotfix. Click the version row to expand the list of files included with the hotfix and their known SHA1 hash values.

More Information

The vulnerabilities associated with CVE-2023-38547, CVE-2023-38548, and CVE-2023-38549 were reported by Jarmo Puttonen(@putsi).

Additional Resources / Links

Share:

BugZero® Risk Score

What's this?

Coming soon

Status

Solved

cost-cta-background

Do you know how much operational outages are costing you?

Understand the cost to your business and how BugZero can help you reduce those costs.

Have you ever...

had your data corrupted from a

VMware

bug?

Search:

...