Standalone backup agent for Microsoft Windows servers and workstations (formerly Veeam Endpoint Backup FREE)
Post Reply
Timonby
Lurker
Posts: 1
Liked: 1 time
Joined: Dec 20, 2024 7:06 am
Contact:

CVE-2024-48510 with Agent 6.3

Post by Timonby » 1 person likes this post

The security department found this vulnerability in the latest agent. I would like to hear from Veeam their comment on the vulnerability and solutions.

Vulnerability CVE-2024-48510 is present on server srv-xxx due to outdated version of Veeam -> C:\Program Files\Veeam\Endpoint Backup\Ionic.Zip.dll (1.9.1.9000).

CVE-2024-48510 vulnerability details:
A directory traversal vulnerability in DotNetZip v.1.16.0 and earlier allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component.
Post Reply

Who is online

Users browsing this forum: Semrush [Bot] and 14 guests