Veeam Product Security Update Advisory

Jun 19 2024

Overview

Veeam has announced an update to address vulnerabilities. Users of the affected versions are advised to update to the latest version.

Affected Products

Veeam Recovery Orchestrator (VRO) version 7.0.0.337

Resolved Vulnerabilities

Vulnerability in Veeam Recovery Orchestrator (VRO) where JSON Web Token (JWT) secret keys are embedded (or hard-coded) within application code (CVE-2024-29855)

Vulnerability Patches

Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

Veeam Recovery Orchestrator (VRO) 7.1.0.230 version
Veeam Recovery Orchestrator (VRO) 7.0.0.379 version

Referenced Sites

[1] CVE-2024-29855 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-29855

[2] Veeam Recovery Orchestrator Vulnerability (CVE-2024-29855)

https://www.veeam.com/kb4585

Veeam Product Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Palo Alto Networks (Cortex XDR Agent, GlobalProtect App, Prisma Cloud Compute) Family June 2024 Security Update Advisory

Google Chrome Browser (126.0.6478.114/115) Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Palo Alto Networks (Cortex XDR Agent, GlobalProtect App, Prisma Cloud Compute) Family June 2024 Security Update Advisory

Google Chrome Browser (126.0.6478.114/115) Security Update Advisory