CVE-2025-23082

High CVSS: 7.2

Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Vendor

Veeam

Product

Backup

CWE

CWE-918

Yayın Tarihi

2025-01-14 02:15:08

Güncelleme

2025-11-18 13:19:45

Source Identifier

support@hackerone.com

KEV Date Added

Kategoriler

CWE-918 Backup HIGH Veeam 2025

Referanslar

https://www.veeam.com/kb4709

Benzer Kayıtlar

Critical

CVE-2026-21666

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

Critical

CVE-2026-21667

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

High

CVE-2026-21668

A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup…

Critical

CVE-2026-21669

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

High

CVE-2026-21670

A vulnerability allowing a low-privileged user to extract saved SSH credentials.

Critical

CVE-2026-21671

A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE)…