Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
According to Veeam official advisory, all the versions BEFORE Veeam Backup Enterprise Manager 12.1.2.172
are vulnerable
Disclaimer
This software has been created purely for the purposes of academic research and for the development of effective defensive techniques, and is not intended to be used to attack systems except where explicitly authorized. Project maintainers are not responsible or liable for misuse of the software. Use responsibly.
File Size: Not Define
What do you think?
It is nice to know your opinion. Leave a comment.