CVE-2023-27532CISA KEVEPSS p99.5%

CVE-2023-27532Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability

Veeam / Backup & Replication

Description

Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.

Scoring

EPSS77.61% probability of exploitation · percentile 99.5% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2023-08-22

(incoming)1

TypeTargetConfidenceTier
KEVEntryVeeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerabilitykev-cve-2023-275320%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Veeam Backup & Replication Remote Code Execution Vulnerability
CVE
CVE-2026-21671
CVE
Veeam Backup and Replication Deserialization Vulnerability
CVE
CVE-2026-21672
CVE
CVE-2025-48983
CVE
CVE-2026-0274
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.