Description
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive information by reading the files.
References (6)
Core 6
Core References
Exploit x_refsource_misc
http://packetstormsecurity.com/files/133906/Veeam-Backup-And-Replication-6-7-8-Privilege-Escalation.html
Various Sources x_refsource_confirm
https://www.veeam.com/kb2180
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Oct/44
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/536647/100/0/threaded
Vendor Advisory x_refsource_confirm
http://www.veeam.com/kb2068
Scores
EPSS
0.0050
EPSS Percentile
39.1%
Details
CWE
CWE-200
Status
published
Products (1)
veeam/veeam_backup_\&_replication
< 8.0.0.2030
Published
Oct 16, 2015
Tracked Since
Feb 18, 2026