Vulnerability in Veeam Backup & Replication - March 2023

On my Laptop i have Agent 5.0.3.4708 and this version can not read the size of the backup repos on the Veeam Server with the updates components (PATCH IS NOT INSTALLED HERE).
On an other Laptop i installed the newest Veeam Agent for Windows 6.0.0.960 and when i want to create a job with that Agent the Agent says:

Hi JMeixner

The Agent for Windows (for Client backups) is communicating to a virtual server with Veeam B+R 11.
The client is not managed, its the free edition. I did not update the client Software or that Veeam server installation. I just patched the server installation that is responsible for the backup of our virtual servers

I do not know why the two Veeam servers are connected, my colleague installed the whole Veeam infrastructure.

Dear Community
We have here a physical standalone Veeam Backup Server with Veeam B+R 11 where i installed that Patch yesterday and that worked well i think.

We also have a virtual Veeam Server with Veeam B+R 11 where we save client backups from our Windows Computer with Veeam Agent for Windows (Free Edition) On that System i did not install the Patch

In the productive Veeam Backup Server i see the other server in the “Backup Infrastructure” section as Member.
I do not exactly know why these two Veeam servers are connected, the important one i patched is for Backup of productive virtual servers, the not so important one is for the client backups.

The patch did some component updates on all connected systems (remote repos, backup proxies) and somehow also on that connected Veeam Backup Server for the clients.

Now, my Agent for Windows (Free Edition) can not backup our clients anymore, when i edit the existing backup job on a client the client can not get the informations of the backup repository. Message is “failed to retrieve disk space”

How can i check if that component update is responsible for that problem ?

Is there a way to downgrade the components of that Veeam Server that is responsible for the client backups ?

Thank you very much for your help

Afternoon, I had a reminder from Veeam today that I want to share, before installing this patch, if you have any private fixes / hotfixes, be sure to check with Veeam support that you’re okay to patch before doing so.

Hi.

After install new version …

Please help.

Jan

 

Problem fixed.  Run as administrator for the first time. 😁

@pgallengaThank you for the feedback. I’m glad that support could solve this one 😊 Probably not every private hotfix is included in the following CU, so in your case some parts were reverted by the patch.

Use this link that was posted above which is just the patch for 11a - Veeam Software for Enterprise

This will just do the upgrade rather than using the ISO and is smaller.

Yes, please check out the V11 upgrade center:  http://vee.am/v11upgradecenter (but also the V12 Upgrade Center:  http://vee.am/v12upgradecenter )

Do a configuration backup of your Veeam database first.  with this you can recreate your VBR servee in case something happens.

With the ISO you can do an update. Normally no settings are overwritten.

There are several guides here in the community, please do  search for “update".

@46er You might only see problems during restores if your repositores aren’t hosted by the Veeam backup server itself.

But, if you’re still on VBR v9 you have much worse unpatched vulnerabilities:

https://www.veeam.com/kb4288?ad=in-text-link

https://www.veeam.com/kb4289?ad=in-text-link

https://www.veeam.com/kb4290?ad=in-text-link

I wouldn’t wait any longer to patch your environment. Especially as there are known attacks using the vulnerabilities above.

I keep getting the same error to stop and disable all jobs. I have made sure there are no running jobs and have rebooted the server. Do I need to disable all jobs even if they aren’t running?

 

One trick I’ve done for this message is reboot, and before the services start back up - run the hotfix. 

If you still can’t get it installed - I’d recommend you open a support ticket.

I keep getting the same error to stop and disable all jobs. I have made sure there are no running jobs and have rebooted the server. Do I need to disable all jobs even if they aren’t running?

 

@Cassy.Haley You only need to disable jobs, which are continuously running. Like copy jobs or tape jobs for example. Also make sure no Veeam Backup Console is open.