The version of Veeam Backup and Replication installed on the remote Windows host is a version prior to 10.0.1.4854 P20220304 or prior to 11.0.1.1261 P20220302 or prior to. It is, therefore, affected by multiple vulnerabilities:

– Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code.
(CVE-2022-26500)

– Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control. (CVE-2022-26501)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More