Veeam has patched four vulnerabilities in Backup Enterprise Manager (VBEM), one of which (CVE-2024-29849) may allow attackers to bypass authentication and log in to its web interface as any user. With no user interaction required for remote exploitation and a low complexity of attack, CVE-2024-29849 is deemed to be critical. Other fixed bugs Veeam Backup Enterprise Manager (VBEM) is an application that is used to manage the Veeam Backup & Replication solution – a backup/restore … More

The post Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849) appeared first on Help Net Security.