CVE-2015-5742

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions prior to 8.0 update 3

Description The issue allows local users to obtain sensitive information by reading log files with world-readable permissions, where local administrator credentials are stored. This is due to the storage of credentials in log files by VeeamVixProxy.

Recommendations For versions prior to 8.0 update 3, update to version 8.0 update 3 or later to resolve the issue. As a temporary workaround, consider restricting access to the log files to minimize the risk of exploitation.