Release hotfix for:

Veeam Backup Enterprise Manager Vulnerability
(CVE-2024-40715)

This vulnerability in Veeam Backup Enterprise Manager allows attackers to bypass the authentication while performing a Man-in-the-Middle (MITM) attack.

Link to hotfix: https://www.veeam.com/kb4682

Thank you for sharing this information. My question here: did you face this vulnerability in Veeam Backup Enterprise Manager?


Thanks for posting this one Marco.  I am going to investigate it and see what is required for patching it.


@Chris.Childerhose once complete, please share your investigation with us.

I hope your investigation will be helpful for us.


Looks like just a .dll file is being patched:

  • Veeam.Backup.Enterprise.Core.dll

So pretty straightforward.

To verify the patch, run the following as per the KB:

Get-FileHash -Path 'C:\Program Files\Veeam\Backup and Replication\Enterprise Manager\Veeam.Backup.Enterprise.Core.dll' -Algorithm SHA1

The hash should be: FDC176FCE4825023F14462A51541C1DF591B28AC

If not, you are vulnerable.
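
An added example, not part of the thread or the Veeam KB: the same hash check wrapped so it also handles a missing file and returns a result you can log or collect per server. The path and expected SHA1 are the values quoted in the post above; the function name `Test-VemHotfix` is hypothetical.

```powershell
# Values taken from the post above (KB4682 verification step).
$DllPath  = 'C:\Program Files\Veeam\Backup and Replication\Enterprise Manager\Veeam.Backup.Enterprise.Core.dll'
$Expected = 'FDC176FCE4825023F14462A51541C1DF591B28AC'

# Hypothetical helper: reports whether the DLL on this host matches the hotfix hash.
function Test-VemHotfix {
    param(
        [string]$Path         = $DllPath,
        [string]$ExpectedSha1 = $Expected
    )

    # Enterprise Manager may be absent or installed to a non-default path.
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{
            Computer    = $env:COMPUTERNAME
            Status      = 'FileNotFound'
            Sha1        = $null
            FileVersion = $null
        }
    }

    $hash    = (Get-FileHash -LiteralPath $Path -Algorithm SHA1).Hash
    $version = (Get-Item -LiteralPath $Path).VersionInfo.FileVersion

    # -eq on strings is case-insensitive in PowerShell, so hex case does not matter.
    # A mismatch means the file is not the build the KB hash describes.
    $status = if ($hash -eq $ExpectedSha1) { 'Patched' } else { 'HashMismatch' }

    [pscustomobject]@{
        Computer    = $env:COMPUTERNAME
        Status      = $status
        Sha1        = $hash
        FileVersion = $version
    }
}

Test-VemHotfix | Format-List
```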


The patch is very fast at install.  Only affects two services for VEM.


Tks @MarcoLuvisi and @dips for the information!


That webpage has disappeared.


That webpage has disappeared.

 

Can confirm this. Yesterday it was available; I did a download on a customer installation. Does anyone have more information on why the KB is not online anymore, or is it a temporary problem?
Thanks Markus


Same here, tried to get to the download page and it's not working. Any updates?


It’s available again 🙂
