...
BugZero found this defect 2365 days ago.
When you open a support ticket, Veeam Customer Support specialists may request log files. These log files may contain information to which the terms of the data protection laws or internal company policies apply.
Veeam Backup & Replication log files may include the following types of sensitive data: User names. Object names that are specific for a customer infrastructure, such as hosts, datastores, VMs, clusters. VM file names and paths. FQDN/Hostname or NetBIOS names. IP addresses (IPv4 and IPv6). Customer-specific paths to backup files. Names of backup files. SharePoint information, such as database names, paths to databases, SharePoint site URL. Exchange information, such as database names, paths to databases. SQL information, such as database and instance name, paths to databases. Oracle information, such as database name, home name, Oracle SID, database global name, paths to databases. File copy information, such as customer-specific paths and names of files. File to tape information, such as customer-specific paths and names of files.
Veeam Backup for Microsoft 365 log files may include the following types of sensitive data: User names and user IDs. Object names that are specific for a customer infrastructure, such as hosts and their hardware configuration, local data storage, and object storage repository. FQDN/Hostname or NetBIOS names. IP addresses (IPv4 and IPv6). Customer-specific paths to backup files. Path to the Veeam license file and license information. Certificate thumbprints. Azure AD application name, ID, and assigned permissions. Assigned Microsoft Office 365 roles. SharePoint and OneDrive information, such as SharePoint IDs, SharePoint site URLs, SharePoint hierarchy, names of files, names of SharePoint lists, site collection membership, information about existing sharing links, and SharePoint settings. Exchange information, such as addresses of user mailboxes, mailbox IDs, mailboxes hierarchy, subjects of the Exchange items (for example, Email, Calendars, Meetings), and their modification date. Groups information: such as group membership, group mailbox address, and group owner address. Teams information, such as teams names, channels names, names of backup files, members of a team and their roles, channel settings. Exported data information, such as customer-specific paths and names of files.
The Veeam Customer Support team may provide a log scrubbing utility upon request. For more information on how we process the collected data, please visit: https://vee.am/processing_of_sensitive_data