CVE-2022-26500 is a vulnerability in Veeam Backup Replication
Published on March 17, 2022
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x, and 11.x allows remote authenticated users to access internal API functions, which in turn allows attackers to upload and execute arbitrary code.
Known Exploited Vulnerability
This Veeam Backup & Replication Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API, which may lead to the upload and execution of malicious code.
The following remediation step is recommended, and required for federal agencies by January 3, 2023: apply updates per vendor instructions.
Vulnerability Analysis
CVE-2022-26500 is exploitable with network access and requires only a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
What is a Directory traversal Vulnerability?
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CVE-2022-26500 has been classified as a directory traversal vulnerability (weakness).
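The weakness described above comes down to one missing check: the path built from client input is never proven to stay under the restricted directory. The following Python example, added here and not taken from Veeam or from this advisory, shows the weak join next to a hardened join that resolves the candidate path and then checks containment. It makes no claim about how the Veeam Distribution Service or its internal API handles paths; the root directory, file names and helper function names are all constructed for the illustration.

```python
"""
Added illustration of CWE-22 (improper limitation of a pathname to a
restricted directory). Example code for this page only; not Veeam's code and
not a description of the Veeam internal API. All paths are constructed.
"""
import os
import tempfile


class PathTraversalError(ValueError):
    """Raised when a requested path would resolve outside the restricted root."""


def naive_join(root: str, requested: str) -> str:
    """The weak pattern: concatenate input onto the root and trust the result.

    '..' segments are not neutralised, so the returned path may point
    anywhere on the filesystem.
    """
    return os.path.normpath(os.path.join(root, requested))


def safe_join(root: str, requested: str) -> str:
    """The hardened pattern: resolve the path, then prove it is inside root.

    1. Reject NUL bytes and absolute paths outright.
    2. Resolve with realpath (follows symlinks, collapses '..').
    3. Accept only if the resolved path is the root itself or lies beneath it.
       commonpath() is used instead of a string prefix test so that
       '/srv/data2' is not mistaken for a child of '/srv/data'.
    """
    if "\x00" in requested:
        raise PathTraversalError("NUL byte in path")
    if os.path.isabs(requested):
        raise PathTraversalError("absolute path not allowed")
    real_root = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(real_root, requested))
    try:
        inside = os.path.commonpath([real_root, candidate]) == real_root
    except ValueError:  # different drives on Windows: cannot be inside
        inside = False
    if not inside:
        raise PathTraversalError(f"{requested!r} escapes {real_root}")
    return candidate


def is_within_root(root: str, requested: str) -> bool:
    """True if the hardened join accepts the request."""
    try:
        safe_join(root, requested)
        return True
    except PathTraversalError:
        return False


def escapes_root(root: str, requested: str) -> bool:
    """True if the weak join would produce a path outside root.

    Useful as a detection-side check when reviewing request logs for
    suspicious file names.
    """
    real_root = os.path.realpath(root)
    candidate = naive_join(real_root, requested)
    try:
        return os.path.commonpath([real_root, candidate]) != real_root
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed demo: a throwaway root with one subdirectory.
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "uploads"))
        for name in ("report.txt", "uploads/../report.txt", "../../etc/passwd"):
            weak = naive_join(root, name)
            try:
                print(f"{name!r:24} weak -> {weak}  hardened -> OK")
            except PathTraversalError as exc:
                print(f"{name!r:24} weak -> {weak}  hardened -> REJECTED ({exc})")
```

The design choice worth noting is the order of operations: resolve first, then compare. Rejecting the literal string `..` is not enough, because encoded or symlinked variants resolve to the same place; comparing the fully resolved path against the resolved root catches all of them with one check.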
Products Associated with CVE-2022-26500
What versions of Backup Replication are vulnerable to CVE-2022-26500?
- Veeam Backup Replication Version 9.5.4.2615
- Veeam Backup Replication Version 9.5.0.1536
- Veeam Backup Replication Version 11.0.1.1261 p20211123
- Veeam Backup Replication Version 11.0.1.1261 p20211211
- Veeam Backup Replication Version 11.0.1.1261
- Veeam Backup Replication Version 10.0.1.4854 p20210609
- Veeam Backup Replication Version 10.0.1.4854 p20201202
- Veeam Backup Replication Version 10.0.1.4854
- Veeam Backup Replication Version 10.0.0.4442 (fixed in version 10.0.1.4854)
- Veeam Backup Replication Version 11.0.0.825 (fixed in version 11.0.1.1261)