CVE-2023-27532 (GCVE-0-2023-27532)

Vulnerability from cvelistv5 – Published: 2023-03-10 00:00 – Updated: 2025-10-21 23:15
VLAI? CISA KEV
Summary
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE-306 - Missing Authentication for Critical Function (CWE-306)
Assigner
References
Impacted products
Vendor Product Version
n/a Veeam Backup & Replication Affected: Fixed Versions: v12 (build 12.0.0.1420 P20230223)
Affected: 11a (build 11.0.1.1261 P20230227)
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: bd8c2bd2-f671-4943-90e4-4d5b0d6f4f8f

Vulnerability ID: CVE-2023-27532

Status: Confirmed

Status Updated: 2023-08-22 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2023-08-22
Asserted: 2023-08-22
Scope
Notes: KEV entry: Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability | Affected: Veeam / Backup & Replication | Description: Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2023-09-12 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://www.veeam.com/kb4424; https://nvd.nist.gov/vuln/detail/CVE-2023-27532
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes CWE-306
Feed CISA Known Exploited Vulnerabilities Catalog
Product Backup & Replication
Due Date 2023-09-12
Date Added 2023-08-22
Vendorproject Veeam
Vulnerabilityname Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability
Knownransomwarecampaignuse Known
References
Created: 2026-02-02 12:26 UTC | Updated: 2026-02-06 07:17 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:16:35.584Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.veeam.com/kb4424"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-27532",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-28T21:19:54.717692Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-08-22",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27532"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:24.077Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27532"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2023-08-22T00:00:00+00:00",
            "value": "CVE-2023-27532 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Veeam Backup \u0026 Replication",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed Versions: v12 (build 12.0.0.1420 P20230223)"
            },
            {
              "status": "affected",
              "version": "11a (build 11.0.1.1261 P20230227)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in Veeam Backup \u0026 Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "Missing Authentication for Critical Function (CWE-306)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-10T00:00:00.000Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://www.veeam.com/kb4424"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2023-27532",
    "datePublished": "2023-03-10T00:00:00.000Z",
    "dateReserved": "2023-03-02T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:24.077Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2023-27532",
      "cwes": "[\"CWE-306\"]",
      "dateAdded": "2023-08-22",
      "dueDate": "2023-09-12",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://www.veeam.com/kb4424;  https://nvd.nist.gov/vuln/detail/CVE-2023-27532",
      "product": "Backup \u0026 Replication",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Veeam Backup \u0026 Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.",
      "vendorProject": "Veeam",
      "vulnerabilityName": "Veeam Backup \u0026 Replication Cloud Connect Missing Authentication for Critical Function Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2023-09-12",
      "cisaExploitAdd": "2023-08-22",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "Veeam Backup \u0026 Replication Cloud Connect Missing Authentication for Critical Function Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AC06A80-CAA8-45A4-BCA3-A36D56F70B39\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC28D606-0A9B-46E5-A88C-8041357979DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*\", \"matchCriteriaId\": \"8158D6BC-2041-4600-B935-AD928621D987\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*\", \"matchCriteriaId\": \"54A5147A-341A-4790-AAA8-DF2648423C50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:p20220302:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F5A2E58-F9C3-4A65-A83B-C86C970A01D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:12.0.0.1420:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA570EC1-4A95-4AD3-8E8C-087769F95F02\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Vulnerability in Veeam Backup \u0026 Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.\"}]",
      "id": "CVE-2023-27532",
      "lastModified": "2024-11-21T07:53:06.657",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
      "published": "2023-03-10T22:15:10.557",
      "references": "[{\"url\": \"https://www.veeam.com/kb4424\", \"source\": \"support@hackerone.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.veeam.com/kb4424\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "support@hackerone.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"support@hackerone.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-27532\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2023-03-10T22:15:10.557\",\"lastModified\":\"2025-11-03T18:06:27.833\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in Veeam Backup \u0026 Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"cisaExploitAdd\":\"2023-08-22\",\"cisaActionDue\":\"2023-09-12\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Veeam Backup \u0026 Replication Cloud Connect Missing Authentication for Critical Function Vulnerability\",\"weaknesses\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.0.1.1261\",\"matchCriteriaId\":\"FCD9FAE2-4E62-41AC-85EC-5793FD30A3AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC28D606-0A9B-46E5-A88C-8041357979DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:p20211123:*:*:*:*:*:*\",\"matchCriteriaId\":\"8158D6BC-2041-4600-B935-AD928621D987\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:p20211211:*:*:*:*:*:*\",\"matchCriteriaId\":\"54A5147A-341A-4790-AAA8-DF2648423C50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:11.0.1.1261:p20220302:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F5A2E58-F9C3-4A65-A83B-C86C970A01D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veeam:veeam_backup_\\\\\u0026_replication:12.0.0.1420:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA570EC1-4A95-4AD3-8E8C-087769F95F02\"}]}]}],\"references\":[{\"url\":\"https://www.veeam.com/kb4424\",\"source\":\"support@hackerone.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.veeam.com/kb4424\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27532\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.veeam.com/kb4424\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T12:16:35.584Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-27532\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-28T21:19:54.717692Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-08-22\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27532\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-08-22T00:00:00+00:00\", \"value\": \"CVE-2023-27532 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27532\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-28T21:19:05.317Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Veeam Backup \u0026 Replication\", \"versions\": [{\"status\": \"affected\", \"version\": \"Fixed Versions: v12 (build 12.0.0.1420 P20230223)\"}, {\"status\": \"affected\", \"version\": \"11a (build 11.0.1.1261 P20230227)\"}]}], \"references\": [{\"url\": \"https://www.veeam.com/kb4424\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in Veeam Backup \u0026 Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-306\", \"description\": \"Missing Authentication for Critical Function (CWE-306)\"}]}], \"providerMetadata\": {\"orgId\": \"36234546-b8fa-4601-9d6f-f4e334aa8ea1\", \"shortName\": \"hackerone\", \"dateUpdated\": \"2023-03-10T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-27532\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:15:24.077Z\", \"dateReserved\": \"2023-03-02T00:00:00.000Z\", \"assignerOrgId\": \"36234546-b8fa-4601-9d6f-f4e334aa8ea1\", \"datePublished\": \"2023-03-10T00:00:00.000Z\", \"assignerShortName\": \"hackerone\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.