Vulnerability (CVE-2022-26504) in Veeam Backup & Replication component used for Microsoft System Center Virtual Machine Manager (SCVMM) integration allows domain users to execute malicious code remotely. This may lead to gaining control over the target system.
CVSS v3 score: 8.8
The vulnerable process Veeam.Backup.PSManager.exe (TCP 8732 by default) allows authentication using non-administrative domain credentials. A remote attacker may use the vulnerable component to execute arbitrary code.
NOTE: The default Veeam Backup & Replication installation is not vulnerable to this issue. Only Veeam Backup & Replication installations with an SCVMM server registered are vulnerable.
This form is only for KB Feedback/Suggestions, if you need help with the software open a support case