Impact of CVE-2024-7264 on Backup Exec.

book

Article ID: 100071871

calendar_today

Updated On:

Description

Error Message

CVE-2024-7264 reported by Vulnerability Scanner.

Cause

Vmware VDDK is susceptible to this vulnerability.

VMware has acknowledged this. However, risk is low as VDDK uses curl only to connect to trusted sites (VMware vCenter) and CURLINFO_CERTINFO is not used by VDDK.

Resolution

Backup Exec is not impacted by this vulnerability, as Backup Exec does not use the impacted LibCurl library directly for any remote connections.

Backup Exec uses VDDK only during VMware backups. VMware is committed and may address this issue in their next VDDK release.

Issue/Introduction

Impact of CVE-2024-7264 on Backup Exec.

Additional Information

ETrack: 4179586

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"