On 6 November 2023, Veeam published security hotfixes for two critical-severity vulnerabilities impacting Veeam ONE. CVE-2023-38547 (CVSS 9.9) could allow an unauthenticated threat actor to obtain information about the SQL server connection used by Veeam ONE to access its configuration database, which in turn could lead to remote code execution (RCE) on the SQL … CVE-2023-38547 & CVE-2023-38548: Two Critical Vulnerabilities in Veeam ONE
Article Link: CVE-2023-38547 & CVE-2023-38548: Two Critical Vulnerabilities in Veeam ONE - Arctic Wolf