What is CVE-2023-27532 and how does it relate to credential exposure in Veeam?

CVE-2023-27532 is a vulnerability that allows leaking plaintext credentials stored in Veeam Backup & Replication. The exploit calls the CredentialsDbScopeGetAllCreds function to retrieve serialized XML data containing encrypted credentials. By using Veeam's built-in DLLs (e.g., Veeam.Backup.Common.dll) to deserialize the data, an attacker can obtain the plaintext credentials. This vulnerability targets the credentials managed in the Veeam console. The Veeam Backup & Replication Vulnerability Debugging Environment Setup article provides a brief analysis and POC reference.