Question

Vulnerability CVE-2023-38546


Dear Team, 

 

We have two vulnerabilities (CVE-2023-38545 and CVE-2023-38546); for CVE-2023-38546, see this post.

Could you kindly help to fix CVE-2023-38546? What do we need to do to fix it?

How do we resolve this issue?

Thank you.

Best regards,

RAING Sopheaktra

6 comments

CarySun
  • Veeam Vanguard
  • 200 comments
  • December 18, 2023

Veeam Backup & Replication is not vulnerable to CVE-2023-38545 because it does not use the SOCKS5 protocol.
veeam.com/kb4523

https://forums.veeam.com/veeam-agents-for-linux-mac-aix-solaris-f41/veeam-agent-for-linux-cve-2023-38545-cve-2023-38546-t91367.html

 


dips
  • Veeam Legend
  • 808 comments
  • December 18, 2023

To add, you can remote the affected binaries as per the KB which should stop it being flagged by your Vulnerability Scanner with no detrimental effect on your installation. 


randyweis
  • Experienced User
  • 55 comments
  • December 18, 2023

The main problem with ignoring it (because Veeam doesn’t use SOCKS5) is that scanners will continue to flag the vulnerability every time they scan, and that just doesn’t sit well with security teams. I’m not sure what dips means when he says to “remote” the affected binaries. Here is the KB article released last week about this:

https://www.veeam.com/kb4523

 


dips
  • Veeam Legend
  • 808 comments
  • December 18, 2023

That was a typo. It should have said remove*


Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 8512 comments
  • December 18, 2023

I would just remove the binaries associated in the KB posted to stop the scanner flagging things.  Easiest solution to me.


randyweis
  • Experienced User
  • 55 comments
  • December 18, 2023

But there are two important notes in the KB.

VDDK Library Must Remain on VMware Backup Proxies

Do not remove the VDDK libraries from VMware Backup Proxies. Removing the VDDK libraries from a VMware Backup Proxy will cause operations that attempt to use that proxy to communicate with VMware vSphere to fail with the error documented in KB2678.

Veeam Transport Redeployment

If the Veeam Transport package is reinstalled, either manually or as a result of an upgrade, the VDDK libraries will be reinstalled and will have to be removed again.

