Lucene search

AcronisCVELIST:CVE-2022-45450

HistoryMay 18, 2023 - 9:27 a.m.

CVE-2022-45450

2023-05-1809:27:38

CWE-285

Acronis

www.cve.org

sensitive information

disclosure

manipulation

improper authorization

acronis agent

acronis cyber protect 15

linux

macos

windows

build 28610

build 30984

5.4 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.2%

JSON

Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.

CNA Affected

[
  {
    "vendor": "Acronis",
    "product": "Acronis Agent",
    "platforms": [
      "Linux",
      "macOS",
      "Windows"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "28610",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Protect 15",
    "platforms": [
      "Linux",
      "macOS",
      "Windows"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "30984",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

security-advisory.acronis.com/advisories/SEC-2410

5.4 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.2%

JSON

Related for CVELIST:CVE-2022-45450