What is the CVSS score of CVE-2026-21668?

CVE-2026-21668 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Veeam Backup Replication are affected by CVE-2026-21668?

An authenticated domain user can bypass file restrictions and manipulate backup data without authorization, creating significant risk to data integrity and recovery capabilities.

How to fix or mitigate CVE-2026-21668?

Within 24 hours: Identify all backup repository instances and document current access controls; audit recent backup modification logs for suspicious activity. Within 7 days: Implement network segmentation to restrict backup repository access to authorized administrators only; enable enhanced logging and alerting on all file operations. Within 30 days: Evaluate alternative backup solutions; conduct full forensic review of backup integrity; develop and test incident response procedures for backup compromise scenarios.

Veeam Backup Replication CVE-2026-21668

HIGH

Missing Authorization (CWE-862)

2026-03-12 support@hackerone.com

Authentication Bypass Veeam Backup Replication

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 19:57 vuln.today

CVE Published

Mar 12, 2026 - 15:16 nvd

HIGH 8.8

DescriptionCVE.org

A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository.

AnalysisAI

Authenticated domain users can bypass file access restrictions on Backup Repository systems to read, modify, or delete arbitrary files due to insufficient authorization controls. This high-severity flaw affects users with valid domain credentials and requires no user interaction to exploit. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate as domain user

Delivery

Access Backup Repository over network

Exploit

Bypass file access restrictions

Execution

Manipulate arbitrary backup files

Impact

Exfiltrate or corrupt backup data

Access

Authenticate as domain user

Delivery

Access Backup Repository over network

Exploit

Bypass file access restrictions

Execution

Manipulate arbitrary backup files

Impact

Exfiltrate or corrupt backup data

Vulnerability AssessmentAI

Exploitation	Authenticated domain user account with network access to Backup Repository. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 8.8 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker (requires authentication) could exploit this vulnerability to compromise the affected system.
Remediation	Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all backup repository instances and document current access controls; audit recent backup modification logs for suspicious activity. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-21668 vulnerability details – vuln.today

Back

Veeam Backup Replication CVE-2026-21668

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code