Fixing Veeam Service Provider Console Vulnerability (CVE-20204-29212)

Hi! This is a notice for Veeam´s VCSP Partners. Veeam asks service provider partners using supported versions (v7 & v8) of the Veeam Service Provider Console to apply the latest cumulative patches. While no confirmed cases of CVE-2024-29212 are being exploited, the advisory emphasizes the urgency of patching the vulnerability.

The following paths fix this vulnerability and do not affect any other Veeam product (e.g., Veeam Backup & Replication, Veeam Agent for Microsoft Windows, Veeam ONE, etc.).

· Veeam Service Provider Console 7.0.0.18899

· Veeam Service Provider Console 8.0.0.19236

Refer to the KB4575:

https://www.veeam.com/kb4575

Page 1 / 1

@leduardoserrano Thanks for the heads up ! We received the mailing today.

Downloaded the ISO, stopped the services and then run VSPC.ApplicationServer.x64_8.0.0.19236 + VSPC.WebUI.x64_8.0.0.19236 as administrator

Upgraded to the latest versions without any hickups !

Thanks for the feedback @kristofpoppe ! I'm happy to know that the fix worked without any major problems!

Applied this fix yesterday and no issues. Thanks for sharing.

Came to post this.....of course I was too late....but a CVSS score of 9.9. Patch today folks!

Thank you for sharing this update.

Comment

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded