
Integri Services / Veeam Backup & Replication Remote code execution

BloodyShell reported 2022-04-11

Your server has been found vulnerable to Veeam RCE.

This means any attacker can currently access your backup servers, execute code and download/modify/erase their content.

Patching is critical.

Reference: https://www.veeam.com/kb4288

IP: 185.111.206.161
Port: 9380
Detected protocol: veeam-ds
Found Veeam distribution service, vulnerable to CVE-2022-26500, CVE-2022-26501
===================================================================
UTC offset: 2.00 hours

[07.04.2022 18:32:47] <114> Info         UnLock.Success, sessionId: [9392ecf3-1b1b-465d-89f0-cde716ecdd08]
[07.04.2022 18:32:49] <112> Info         [RTS] Notified that job was finished. SessionId: [7c92d43b-3d85-4f20-b600-03bcecb64c3b]
[07.04.2022 18:32:49] <112> Info         [RTS] Unregister repository usage, jobSessionId '7c92d43b-3d85-4f20-b600-03bcecb64c3b'
[07.04.2022 18:32:49] <112> Info         [RTS] Unregister repository usage, jobSessionId '7c92d43b-3d85-4f20-b600-03bcecb64c3b'
[07.04.2022 18:32:49] <112> Info         [AwsBucketPoolMapping] Release buckets by session id '7c92d43b-3d85-4f20-b600-03bcecb64c3b'
Found by veeaml9 2022-04-11
Report created by BloodyShell 2022-04-11
Report approved by BloodyShell 2022-04-11
New PDF report generated by system 2022-04-11
Report dispatched to ...@... by system 2022-04-11
Report dispatched to ...@... by system 2022-04-11
Report dispatched to ...@... by system 2022-04-11
Report dispatched to ...@... by system 2022-04-11
Report comment dispatched to BloodyShell by system 2022-04-11
Report comment dispatched to iampritam by system 2022-04-11
Report comment dispatched to fokoil by system 2022-04-11
Report marked as fixed by BloodyShell 2022-04-29
Report closed by BloodyShell 2022-04-29
New PDF report generated by system 2022-04-29
Information
Owner Integri Services
Created 2022-04-11 11:47
Updated 2022-05-20 11:10
Fixed true

Contacts
s...@integri.services
f...@integri.services
k...@integri.services
v...@cert.be

Status
Status closed
Hosting contacted false
CERT contacted false
