Lucene search

AcronisCVELIST:CVE-2022-45458

HistoryMay 18, 2023 - 9:25 a.m.

CVE-2022-45458

2023-05-1809:25:04

CWE-295

Acronis

www.cve.org

sensitive information disclosure manipulation certification acronis agent cyber protect windows macos linux

4.2 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.2%

JSON

Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984.

CNA Affected

[
  {
    "vendor": "Acronis",
    "product": "Acronis Agent",
    "platforms": [
      "Windows",
      "macOS",
      "Linux"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "29633",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Protect 15",
    "platforms": [
      "Windows",
      "macOS",
      "Linux"
    ],
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "30984",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

security-advisory.acronis.com/advisories/SEC-3952

4.2 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.2%

JSON

Related for CVELIST:CVE-2022-45458