How to Install Veeam Backup & Replication 12 Cumulative Patches P20230223
Vulnerability in this Veeam Backup & Replication component allows unauthorized users to obtain encrypted credentials stored in the configuration database. The vulnerability may lead to these unauthorized users gaining access to backup infrastructure hosts. The vulnerable process Veeam.Backup.Service.exe (TCP 9401 by default) allows unauthenticated users to request encrypted credentials.
Veeam released new patches to fix this vulnerability on March 7, 2023. No Hosts restart is required after installing this patch.