BugZero | Veeam BugID kb4231 - Veeam Best Practices regarding CVE-2021-36934

OPERATIONAL DEFECT DATABASE

...

BugZero | Veeam BugID kb4231 - Veeam Best Practices regarding CVE-2021-36934

Veeam - Defect ID: kb4231

Veeam Best Practices regarding CVE-2021-36934

Veeam - Defect ID: kb4231

Veeam Best Practices regarding CVE-2021-36934

Last updated on November 1st, 2021

BugZero Risk Score
9.8 High

Overall: 9.8

Severity: 10.0

Community: 8.7

What is the BugZero Risk Score?

Veeam Integration

Learn more about where this data comes from

Veeam Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: Issue
Status: Solved

Description

Challenge

This article documents Veeam's position on Windows Elevation of Privilege Vulnerability CVE-2021-36934. Specifically regarding the listed mitigation steps involving removal of all shadow copies, and the "Impact of workaround" mentioned in the Workarounds section of CVE-2021-36934.

Solution

While VSS and shadow copies are mentioned in CVE-2021-36934, shadow copy mechanisms are not part of the vulnerability. The advice to remove all shadow copies is because shadow copies created before the update may contain exploitable data. The Workarounds section of CVE-2021-36934 states, "Deleting shadow copies could impact restore operations, including the ability to restore data with third-party backup applications." This statement does not apply to Veeam products (such as Backup & Replication or Agent for Windows). Veeam uses volatile shadow copies, which are deleted automatically when the backup job completes. Deletion of VSS shadow copies, as advised in CVE-2021-36934, will not affect Veeam backups.

Change history

2021-11-01 Added: ALL

Top Veeam Defects

9.9Defect ID: kb4445
Restore/Failover/SureBackup of Virtual Machines running Windows 8.1/Window Server 2012 R2 (or older) triggers chkdsk if Veeam Backup Server or Mount Server is Running Windows Server 2022 (or newer)
9.8Defect ID: kb4529
OneDrive backup job fails with "Download request retry timeout exceeded"
9.8Defect ID: kb1914
“Invalid Credentials” Error Adding a Hyper-V Host Using a Local Account
9.7Defect ID: kb4648
Connection to Veeam Software Appliance Fails With: "Authentication failed: invalid credentials"
9.7Defect ID: kb4548
Agent is managed by another Veeam server

Veeam Integration

Learn more about where this data comes from

Veeam Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Veeam - Defect ID: kb4231

Veeam Best Practices regarding CVE-2021-36934

Veeam - Defect ID: kb4231

Veeam Best Practices regarding CVE-2021-36934

Last updated on November 1st, 2021

BugZero Risk Score9.8 High

Bug Details

Challenge

Solution

Links

Top Veeam Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
9.8 High