Hi all,
Just found out about kb4879.
This KB describes a vulnerability on the linux version of the Veeam update component.
I was wondering if the VIA deployments are also affected, they probably use the same update component only there is no reference of this on the KB.
-
mjr.epicfail
- Veeam Legend
- Posts: 633
- Liked: 181 times
- Joined: Apr 22, 2022 12:14 pm
- Full Name: Danny de Heer
- Contact:
Veeam kb4879 only VSA or also VIA
VMCE / Veeam Legend 2*
-
Mildur
- Product Manager
- Posts: 12005
- Liked: 3413 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Veeam kb4879 only VSA or also VIA
Hi Danny,
Since Veeam Updater is deployed on both appliance types, I would perform the update for both VSA and VIA.
Regarding the official statement, I’m checking with my colleagues.
Best,
Fabian
Since Veeam Updater is deployed on both appliance types, I would perform the update for both VSA and VIA.
Regarding the official statement, I’m checking with my colleagues.
Best,
Fabian
Product Management Analyst @ Veeam Software
-
Mildur
- Product Manager
- Posts: 12005
- Liked: 3413 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Veeam kb4879 only VSA or also VIA
Hi Danny,
We have updated the KB and can confirm that any appliance — Veeam Software Appliance or Veeam Infrastructure Appliance — is impacted by this vulnerability. This also applies to Veeam Infrastructure Appliances managed by a Windows-based backup server.
The same solution documented in the KB can also be applied to Veeam Infrastructure Appliances managed by a Windows-based backup server.
Best,
Fabian
We have updated the KB and can confirm that any appliance — Veeam Software Appliance or Veeam Infrastructure Appliance — is impacted by this vulnerability. This also applies to Veeam Infrastructure Appliances managed by a Windows-based backup server.
The same solution documented in the KB can also be applied to Veeam Infrastructure Appliances managed by a Windows-based backup server.
Best,
Fabian
Product Management Analyst @ Veeam Software
-
dejan.ilic
- Enthusiast
- Posts: 54
- Liked: 5 times
- Joined: Apr 11, 2019 11:37 am
- Full Name: Dejan Ilic
- Contact:
Re: Veeam kb4879 only VSA or also VIA
The page is marked for v13, but the text seems to cover only v12.
I suppose you will have to update the page once again to avoid confusion.
"Product: Veeam Backup & Replication | 13"
I suppose you will have to update the page once again to avoid confusion.
"Product: Veeam Backup & Replication | 13"
-
Mildur
- Product Manager
- Posts: 12005
- Liked: 3413 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Veeam kb4879 only VSA or also VIA
Hi Dejan,
Thanks for your feedback, but there is nothing wrong with the versioning in the KB.
The vulnerability mentioned in the KB applies to Veeam Updater on our appliances. Since appliances are available starting with Veeam Backup & Replication v13.0.*, the product category in the KB is "Veeam Backup & Replication v13".
The Veeam Updater has not yet the same version number as VBR. The version after the update will be v12.3.0.65.
Our next minor update, Veeam Backup & Replication v13.1, will include a new updater with the same minor version as the backup server — Veeam Backup & Replication v13.1.**** and Veeam Updater v13.1.****.
If you are still on Veeam Backup & Replication v12, then you are not impacted by this vulnerability.
Best,
Fabian
Thanks for your feedback, but there is nothing wrong with the versioning in the KB.
The vulnerability mentioned in the KB applies to Veeam Updater on our appliances. Since appliances are available starting with Veeam Backup & Replication v13.0.*, the product category in the KB is "Veeam Backup & Replication v13".
The Veeam Updater has not yet the same version number as VBR. The version after the update will be v12.3.0.65.
Our next minor update, Veeam Backup & Replication v13.1, will include a new updater with the same minor version as the backup server — Veeam Backup & Replication v13.1.**** and Veeam Updater v13.1.****.
If you are still on Veeam Backup & Replication v12, then you are not impacted by this vulnerability.
Best,
Fabian
Product Management Analyst @ Veeam Software
Who is online
Users browsing this forum: Amazon [Bot], DuckDuckGo [Bot] and 381 guests