CVE-2020-15418 : Security Advisory and Response

Learn about CVE-2020-15418, a high-severity vulnerability in Veeam ONE 10.0.0.750_20200415 allowing remote attackers to disclose sensitive information. Find mitigation steps and preventive measures here.

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.750_20200415 due to an XXE flaw within the SSRSReport class.

Understanding CVE-2020-15418

This CVE involves a vulnerability in Veeam ONE 10.0.0.750_20200415 that enables attackers to access sensitive data without authentication.

What is CVE-2020-15418?

The vulnerability in Veeam ONE 10.0.0.750_20200415 allows remote attackers to reveal confidential information by exploiting an XXE flaw in the SSRSReport class.

The Impact of CVE-2020-15418

        CVSS Base Score: 7.5 (High Severity)
        Attack Vector: Network
        Confidentiality Impact: High
        Attack Complexity: Low
        Privileges Required: None
        User Interaction: None
        Attackers can disclose file contents in the context of SYSTEM without requiring authentication.

Technical Details of CVE-2020-15418

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The flaw in Veeam ONE 10.0.0.750_20200415 arises from improper restriction of XML External Entity (XXE) references: when the XML parser processes a specially crafted document, it resolves the external references in it and embeds the external content into the XML document.

Affected Systems and Versions

        Affected Product: Veeam ONE
        Affected Version: 10.0.0.750_20200415

Exploitation Mechanism

Attackers can exploit this vulnerability by crafting a document that specifies a URI. The XML parser accesses the external content at that URI while processing the document, which leads to disclosure of sensitive information.
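The defensive counterpart to the mechanism above is to refuse any document that declares a DTD or an entity before it reaches the real parser. The following is an added example, not Veeam's code and not part of the original advisory; it uses Python's standard-library expat bindings, and the function names and sample documents are constructed for illustration.

```python
import xml.etree.ElementTree as ET
import xml.parsers.expat as expat

# Constructed sample inputs (not taken from the advisory or from Veeam ONE).
BENIGN = b"<report><name>weekly</name></report>"
XXE_SAMPLE = (b'<!DOCTYPE report [<!ENTITY x SYSTEM '
              b'"file:///constructed/placeholder.txt">]>'
              b"<report>&x;</report>")


class ForbiddenXml(ValueError):
    """Untrusted XML declared a DTD or an entity."""


def audit_xml(data: bytes) -> list:
    """List DTD/entity declarations in `data`; no entity is ever resolved."""
    findings = []
    parser = expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        findings.append(f"doctype:{name}")
        if system_id:  # external DTD subset referenced by URI
            findings.append(f"external-dtd:{system_id}")

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if system_id is not None:  # SYSTEM/PUBLIC entity: the XXE primitive
            findings.append(f"external-entity:{name}->{system_id}")
        else:
            findings.append(f"internal-entity:{name}")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.Parse(data, True)  # malformed input raises expat.ExpatError
    return findings


def safe_fromstring(data: bytes) -> ET.Element:
    """Parse untrusted XML, failing closed on any DTD or entity declaration."""
    findings = audit_xml(data)
    if findings:
        raise ForbiddenXml("; ".join(findings))  # log this for monitoring
    return ET.fromstring(data)


if __name__ == "__main__":
    for doc in (BENIGN, XXE_SAMPLE):
        try:
            print("accepted:", safe_fromstring(doc).tag)
        except ForbiddenXml as exc:
            print("rejected:", exc)
```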

Mitigation and Prevention

Protect your systems from CVE-2020-15418 with the following steps:

Immediate Steps to Take

        Apply vendor-supplied patches promptly
        Monitor for any unauthorized access or data disclosure

Long-Term Security Practices

        Regularly update and patch software to address vulnerabilities
        Implement network segmentation and access controls

Patching and Updates

        Check for security advisories from Veeam and apply patches as soon as they are available
